Vir.IT Explorer Anti-Virus is prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue to gain elevated privileges.
Vir.IT Explorer Anti-Virus prior to version 8.5.42 are vulnerable.
Information
Bugtraq ID: 101851Class: Design Error
CVE: CVE-2017-16237
Remote: No
Local: Yes
Published: Nov 03 2017 12:00AM
Updated: Nov 15 2017 08:07PM
Credit: Parvez Anwar (@parvezghh).
Vulnerable: TG Soft Vir.IT eXplorer Anti-Virus 8.5.39
Not Vulnerable: TG Soft Vir.IT eXplorer Anti-Virus 8.5.42
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
