CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17114
https://notcve.org/view.php?id=CVE-2017-17114
ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 have a Memory Corruption vulnerability via a 0x83000084 DeviceIoControl request. ntguard.sys y ntguard_x64.sys 0.18780.0.0 en IKARUS anti.virus 2.16.15 tiene una vulnerabilidad de corrupción de memoria mediante una petición 0x83000084 DeviceIoControl. • https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Memory_Corruption_1_0x83000084 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2017-14961 – IKARUS anti.virus 2.16.7 - 'ntguard_x64' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-14961
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c. En la versión 2.16.7 de IKARUS anti.virus, el controlador ntguard.sys contiene una vulnerabilidad de escritura arbitraria debido a que no valida valores de entrada de IOCtl 0x8300000c. IKARUS AntiVirus version 2.16.7 suffers from an ntguard_x64 privilege escalation vulnerability. • https://www.exploit-db.com/exploits/43139 http://packetstormsecurity.com/files/144955/IKARUS-AntiVirus-2.16.7-Privilege-Escalation.html https://theevilbit.blogspot.co.uk/2017/11/turning-cve-2017-14961-ikarus-antivirus.html https://www.ikarussecurity.com/about-ikarus/security-blog/vulnerability-in-windows-antivirus-products-ik-sa-2017-0002 • CWE-20: Improper Input Validation •