CVE-2024-7239

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 22, 2024
Updated: Dec 11, 2024
CWE ID 59

Summary

CVE-2024-7239 is a local privilege escalation vulnerability affecting VIPRE Advanced Security. An attacker needs initial low-privilege access to target systems to exploit this issue. The flaw lies within the Anti-Malware Service and allows an attacker to create a symbolic link, manipulating the service to delete a file. By doing so, an attacker can gain higher privileges, enabling the execution of arbitrary code with SYSTEM-level access. This vulnerability, identified as ZDI-CAN-22314, could potentially lead to serious security consequences.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share