CVE-2018-19650

Local attackers can trigger a stack-based buffer overflow on vulnerable installations of Antiy-AVL ATool security management v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002000 by the IRPFile.sys Antiy-AVL ATool kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data, which results in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation and a failed exploit could lead to denial of service.

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

Vector : AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://packetstormsecurity.com/files/150549/ATool-1.0.0.22-Stack-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/150549/ATool-1.0.0.22-Stack-Buffer-Overflow.html	Exploit Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

cpe:2.3:a:antiy:anti_virus_lab_atool:1.0.0.22:*:*:*:*:*:*:*

History

21 Nov 2024, 03:58

Type	Values Removed	Values Added
References	~~() http://packetstormsecurity.com/files/150549/ATool-1.0.0.22-Stack-Buffer-Overflow.html - Exploit, Third Party Advisory, VDB Entry~~	() http://packetstormsecurity.com/files/150549/ATool-1.0.0.22-Stack-Buffer-Overflow.html - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2018-12-05 22:29

Updated : 2024-11-21 03:58

NVD link : CVE-2018-19650

Mitre link : CVE-2018-19650

CVE.ORG link : CVE-2018-19650

JSON object : View

Products Affected

antiy

anti_virus_lab_atool

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2018-19650", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2018-12-05T22:29:00.583", "references": [{"url": "http://packetstormsecurity.com/files/150549/ATool-1.0.0.22-Stack-Buffer-Overflow.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://packetstormsecurity.com/files/150549/ATool-1.0.0.22-Stack-Buffer-Overflow.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Local attackers can trigger a stack-based buffer overflow on vulnerable installations of Antiy-AVL ATool security management v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002000 by the IRPFile.sys Antiy-AVL ATool kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data, which results in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation and a failed exploit could lead to denial of service."}, {"lang": "es", "value": "Los atacantes locales pueden desencadenar un desbordamiento de b\u00fafer basado en pila en instalaciones vulnerables de la herramienta de gesti\u00f3n de seguridad Antiy-AVL ATool v1.0.0.22. En primer lugar, un atacante debe obtener la capacidad de ejecutar c\u00f3digo de bajos privilegios en el sistema objetivo para explotar esta vulnerabilidad. Este error en concreto existe al procesar el IOCTL 0x80002000 por el controlador del kernel IRPFile.sys de Antiy-AVL ATool. El error proviene del error a la hora de validar correctamente la longitud de los datos proporcionados por el usuario, lo que resulta en un desbordamiento de b\u00fafer basado en la pila del kernel. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el contexto del kernel, lo que podr\u00eda conducir al escalado de privilegios; si la explotaci\u00f3n falla, podr\u00eda derivar en una denegaci\u00f3n de servicio (DoS)."}], "lastModified": "2024-11-21T03:58:21.337", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:antiy:anti_virus_lab_atool:1.0.0.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "217DABFF-757A-4823-97E5-3B9DF2565BDC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}