CVE-2023-4383 – MicroWorld eScan Anti-Virus runasroot incorrect execution-assigned permissions
https://notcve.org/view.php?id=CVE-2023-4383
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. • https://gist.github.com/dmknght/ac489cf3605ded09b3925521afee3003 https://vuldb.com/?ctiid.237315 https://vuldb.com/?id.237315 • CWE-279: Incorrect Execution-Assigned Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2023-2875 – eScan Antivirus IoControlCode PROCOBSRVESX.SYS 0x22E008u null pointer dereference
https://notcve.org/view.php?id=CVE-2023-2875
A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Affected is the function 0x22E008u in the library PROCOBSRVESX.SYS of the component IoControlCode Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. • https://drive.google.com/file/d/1fvlP0d9HmApjWhYDjgsdco7g7FPsbn0V/view?usp=sharing https://github.com/zeze-zeze/WindowsKernelVuln/blob/master/CVE-2023-2875 https://vuldb.com/?ctiid.229854 https://vuldb.com/?id.229854 • CWE-476: NULL Pointer Dereference •
CVE-2021-26624 – eScan Anti-Virus Local privilege escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-26624
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by manipulating parameter values. Una vulnerabilidad de escalada de privilegios local debido a un comando "runasroot" en eScan Anti-Virus. Esta vulnerabilidad es debido a argumentos no válidos y condiciones de ejecución insuficientes relacionadas con el comando "runasroot". • https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66596 • CWE-20: Improper Input Validation •
CVE-2018-18388
https://notcve.org/view.php?id=CVE-2018-18388
eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222. eScan Agent Application (MWAGENT.EXE) 4.0.2.98 en MicroWorld Technologies eScan 14.0 permite que atacantes locales o remotos ejecuten comandos arbitrarios mediante el envío de una carga útil cuidadosamente manipulada al puerto TCP 2222. • http://blog.escanav.com/2018/11/cve-2018-18388 •
CVE-2018-6202
https://notcve.org/view.php?id=CVE-2018-6202
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020F8. En eScan Antivirus 14.0.1400.2029, el archivo del controlador (econceal.sys) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, tengan otro impacto sin especificar debido a que no valida los valores de entrada desde IOCtl 0x830020F8. • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/EscanAV_POC/tree/master/0x830020F8 • CWE-20: Improper Input Validation •