Vulnerabilities (CVE)

Filtered by vendor Escanav Subscribe
Filtered by product Escan Anti-virus
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4383 1 Escanav 1 Escan Anti-virus 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-2875 1 Escanav 1 Escan Anti-virus 2024-11-21 4.6 MEDIUM 5.5 MEDIUM
A vulnerability, which was classified as problematic, was found in eScan Antivirus 22.0.1400.2443. Affected is the function 0x22E008u in the library PROCOBSRVESX.SYS of the component IoControlCode Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2021-26624 1 Escanav 1 Escan Anti-virus 2024-11-21 10.0 HIGH 7.8 HIGH
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by manipulating parameter values.
CVE-2018-18388 1 Escanav 1 Escan Anti-virus 2024-11-21 7.5 HIGH 9.8 CRITICAL
eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222.