Incorrect Access Control in K7Antivirus Premium by K7Computing
CVE-2018-8044

7.8HIGH

Key Information:

Vendor

K7computing

Status
Enterprise Security
Ultimate Security
Total Security
Antivrius
Vendor
CVE Published:
11 January 2021

What is CVE-2018-8044?

K7Antivirus Premium version 15.1.0.53 by K7Computing has a vulnerability that allows for incorrect access control, potentially enabling local process execution through the affected component, K7Sentry.sys. This could lead to unauthorized execution of processes on the local system, posing risks to the integrity and security of the system.

References

http://k7computing.com
x_refsource_MISC
http://k7antivirus.com
x_refsource_MISC
https://support.k7computing.com/index.php?/selfhelp/view-...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.