CVE-2023-7241 – Webroot Antivirus COM-Hijacking LPE
https://notcve.org/view.php?id=CVE-2023-7241
Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files. La escalada de privilegios en WRSA.EXE en Webroot Antivirus 8.0.1X-9.0.35.12 en Windows de 64 y 32 bits permite que software malicioso abuse de WRSA.EXE para eliminar archivos arbitrarios y protegidos. • https://answers.webroot.com/Webroot/ukp.aspx?&app=vw&vw=1&login=1&solutionid=4258 https://www.webroot.com/us/en/business/support/release-notes#heading-endpoint https://www.webroot.com/us/en/support/support-consumer-release-notes • CWE-269: Improper Privilege Management •
CVE-2023-29818
https://notcve.org/view.php?id=CVE-2023-29818
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via the default allowlist feature being stored as non-admin. • http://secureanywhere.com http://webroot.com https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere •
CVE-2023-29819
https://notcve.org/view.php?id=CVE-2023-29819
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via a crafted payload. • http://secureanywhere.com http://webroot.com https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere • CWE-269: Improper Privilege Management •
CVE-2023-29820
https://notcve.org/view.php?id=CVE-2023-29820
An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to access sensitive information via the EXE installer. NOTE: the vendor's perspective is that this is not a separate vulnerability relative to CVE-2023-29818 and CVE-2023-29819. • http://secureanywhere.com http://webroot.com https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2021-40425
https://notcve.org/view.php?id=CVE-2021-40425
An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B_03 of Webroot Secure Anywhere 21.4. An IOCTL_B03 request with specific invalid data causes a similar issue in the device driver WRCore_x64. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1433 • CWE-125: Out-of-bounds Read •