CVE-2024-7239
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 22, 2024
Updated: Dec 11, 2024
CWE ID 59
Summary
CVE-2024-7239 is a local privilege escalation vulnerability affecting VIPRE Advanced Security. An attacker needs initial low-privilege access to target systems to exploit this issue. The flaw lies within the Anti-Malware Service and allows an attacker to create a symbolic link, manipulating the service to delete a file. By doing so, an attacker can gain higher privileges, enabling the execution of arbitrary code with SYSTEM-level access. This vulnerability, identified as ZDI-CAN-22314, could potentially lead to serious security consequences.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share