Vulnerabilities > CVE-2017-16550 - Unspecified vulnerability in K7Computing products

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

k7computing

NVD

Published: 2018-01-16

Updated: 2019-10-03

Summary

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.

Vulnerable Configurations

Part	Description	Count
Application	K7Computing K7Computing Antivirus * K7Computing Endpoint * K7Computing Internet Security * K7Computing Total Security 14.2.0.252 K7Computing Total Security 15.1.0.305 K7Computing Total Security * K7Computing Ultimate Security 14.2.0.252	8

References

https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-November-2017