Skip to main content

Escan Anti Virus CVE-2023-4383

HIGH
Incorrect Execution-Assigned Permissions (CWE-279)
2023-08-16 cna@vuldb.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 16, 2023 - 20:15 nvd
HIGH 7.8

DescriptionNVD

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-279. A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Affected products include: Escanav Escan Anti-Virus.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-18388 CRITICAL
9.8 Dec 20

eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to

CVE-2023-2875 MEDIUM POC
5.5 May 24

A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Rated medium severity

CVE-2025-1370 MEDIUM POC
4.8 Feb 17

A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated m

CVE-2025-1366 MEDIUM POC
4.8 Feb 17

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Rated medium severity

CVE-2025-1364 MEDIUM POC
4.8 Feb 16

A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Rated medium sev

CVE-2025-1367 MEDIUM POC
4.8 Feb 17

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerabi

CVE-2025-1368 MEDIUM POC
4.6 Feb 17

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.6), this vulnerabi

CVE-2025-1369 LOW POC
2.0 Feb 17

A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Rated low severity (CVSS

CVE-2025-0798 CRITICAL POC
9.2 Jan 29

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated critical severity (CVSS 9.2), this vulner

CVE-2025-0797 MEDIUM POC
4.8 Jan 29

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerab

CVE-2025-0720 MEDIUM
4.8 Jan 26

A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerabi

CVE-2024-13188 MEDIUM POC
4.8 Jan 08

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerab

Share

CVE-2023-4383 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy