CVE-2020-9362
QuickHeal Generic Malformed Archive Bypass
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.
El motor de análisis de Quick Heal AV (Noviembre 2019), permite una omisión de la detección de virus por medio de un GPFLAG diseñado en un archivo ZIP. Esto afecta a Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, y Total Security for Android.
The QuickHeal parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (GPFLAG) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-02-24 CVE Reserved
- 2020-02-24 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-436: Interpretation Conflict
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/156580/QuickHeal-Generic-Malformed-Archive-Bypass.html | Third Party Advisory |
|
| http://seclists.org/fulldisclosure/2020/Mar/14 | Mailing List |
|
| https://blog.zoller.lu/p/from-low-hanging-fruit-department_24.html | Third Party Advisory | |
| https://blog.zoller.lu/p/tzo-20-2020-quickheal-malformed-archive.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Quickheal Search vendor "Quickheal" | Antivirus For Server Search vendor "Quickheal" for product "Antivirus For Server" | 2019-11 Search vendor "Quickheal" for product "Antivirus For Server" and version "2019-11" | - |
Affected
| ||||||
| Quickheal Search vendor "Quickheal" | Antivirus Pro Search vendor "Quickheal" for product "Antivirus Pro" | 2019-11 Search vendor "Quickheal" for product "Antivirus Pro" and version "2019-11" | - |
Affected
| ||||||
| Quickheal Search vendor "Quickheal" | Home Security Search vendor "Quickheal" for product "Home Security" | 2019-11 Search vendor "Quickheal" for product "Home Security" and version "2019-11" | - |
Affected
| ||||||
| Quickheal Search vendor "Quickheal" | Internet Security Search vendor "Quickheal" for product "Internet Security" | 2019-11 Search vendor "Quickheal" for product "Internet Security" and version "2019-11" | - |
Affected
| ||||||
| Quickheal Search vendor "Quickheal" | Total Security Search vendor "Quickheal" for product "Total Security" | 2019-11 Search vendor "Quickheal" for product "Total Security" and version "2019-11" | - |
Affected
| ||||||
| Quickheal Search vendor "Quickheal" | Total Security Search vendor "Quickheal" for product "Total Security" | 2019-11 Search vendor "Quickheal" for product "Total Security" and version "2019-11" | android |
Affected
| ||||||
| Quickheal Search vendor "Quickheal" | Total Security Search vendor "Quickheal" for product "Total Security" | 2019-11 Search vendor "Quickheal" for product "Total Security" and version "2019-11" | mac_os |
Affected
| ||||||
| Quickheal Search vendor "Quickheal" | Total Security Multi-device Search vendor "Quickheal" for product "Total Security Multi-device" | 2019-11 Search vendor "Quickheal" for product "Total Security Multi-device" and version "2019-11" | - |
Affected
| ||||||