Escan Anti Virus
CVE-2023-4383
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-279. A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Affected products include: Escanav Escan Anti-Virus.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Escan Anti Virus
View alleScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to
A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Rated medium severity
A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated m
A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Rated medium severity
A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Rated medium sev
A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerabi
A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.6), this vulnerabi
A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Rated low severity (CVSS
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated critical severity (CVSS 9.2), this vulner
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerab
A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerabi
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerab
Same weakness CWE-279 – Incorrect Execution-Assigned Permissions
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today