The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted.
References
Link | Resource |
---|---|
https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md | Exploit Third Party Advisory |
https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 04:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/NtRaiseHardError/Antimalware-Research/blob/master/BullGuard/Privileged%20File%20Delete/v20.0.371.8/README.md - Exploit, Third Party Advisory |
Information
Published : 2019-12-26 05:15
Updated : 2024-11-21 04:37
NVD link : CVE-2019-20000
Mitre link : CVE-2019-20000
CVE.ORG link : CVE-2019-20000
JSON object : View
Products Affected
bullguard
- premium_protection
CWE
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition