CVE-2019-16897

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process.

En K7 Antivirus Premium versiones 16.0.xxx hasta 16.0.0120; K7 Total Security versiones 16.0.xxx hasta 16.0.0120; y K7 Ultimate Security versiones 16.0.xxx hasta 16.0.0120, el módulo K7TSHlpr.dll comprueba inapropiadamente los privilegios administrativos del usuario, permitiendo escrituras de registro arbitrarias en el módulo K7AVOptn.dll para facilitar la escalada de privilegios por medio de la comunicación entre procesos con un proceso de servicio .

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-09-25 CVE Reserved
2019-10-28 CVE Published
2023-10-04 EPSS Updated
2024-08-05 CVE Updated
2024-08-05 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-269: Improper Privilege Management

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC
https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/K7%20Security/Local%20Privilege%20Escalation/v16.0.0120/README.md	2024-08-05

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
K7computing Search vendor "K7computing"		K7 Antivirus Premium Search vendor "K7computing" for product "K7 Antivirus Premium"				>= 16.0.000 <= 16.0.0120 Search vendor "K7computing" for product "K7 Antivirus Premium" and version " >= 16.0.000 <= 16.0.0120"		-		Affected
K7computing Search vendor "K7computing"		K7 Total Security Search vendor "K7computing" for product "K7 Total Security"				>= 16.0.000 <= 16.0.0120 Search vendor "K7computing" for product "K7 Total Security" and version " >= 16.0.000 <= 16.0.0120"		-		Affected
K7computing Search vendor "K7computing"		K7 Ultimate Security Search vendor "K7computing" for product "K7 Ultimate Security"				>= 16.0.000 <= 16.0.0120 Search vendor "K7computing" for product "K7 Ultimate Security" and version " >= 16.0.000 <= 16.0.0120"		-		Affected