CVE-2022-31466
TOCTOU Vulnerability in Quick Heal Total Security
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file by a symlink.
La vulnerabilidad Tiempo de comprobación - Tiempo de uso (TOCTOU) en Quick Heal Total Security anterior a la versión 12.1.1.27 permite a un atacante local conseguir una escalada de privilegios, que puede llevar a la eliminación de archivos del sistema. Esto se consigue aprovechando el tiempo que transcurre entre la detección de un archivo como malicioso y el momento en que se realiza la acción de ponerlo en cuarentena o limpiarlo, y utilizando ese tiempo para sustituir el archivo malicioso por un enlace simbólico
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-05-23 CVE Reserved
- 2022-05-23 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-59: Improper Link Resolution Before File Access ('Link Following')
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://softwaresec001.wordpress.com/2022/05/13/privilege-escalation-vulnerability-in-quick-heal-total-security | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Quickheal Search vendor "Quickheal" | Total Security Search vendor "Quickheal" for product "Total Security" | < 12.1.1.27 Search vendor "Quickheal" for product "Total Security" and version " < 12.1.1.27" | - |
Affected
|