12.7.1055.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

claranova

NVD

Published: 2020-03-18

Updated: 2023-11-07

Summary

Adaware antivirus 12.6.1005.11662 and 12.7.1055.0 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder.

Vulnerable Configurations

Part	Description	Count
Application	Claranova Claranova Adaware Antivirus 12.6.1005.11662 Claranova Adaware Antivirus 12.7.1055.0	2

References

https://medium.com/%40kusolwatcharaapanukorn/0-days-adaware-antivirus-quarantine-flaws-allow-privilege-escalation-3d1f3c8214ec