MEDIUM🇵🇱 Wersja polska

CVE-2025-1367

CVSS 4.8v4.0pub. 2025-02-17upd. 2025-06-27

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Escanav Escan Anti Virus

    APP
    Escanav
    7.0.32
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2025-0798CRITICAL9.2PL ✓ten sam produkt

Command injection w MicroWorld eScan Antivirus 7.0.32 (Linux) — RCE

CVE-2018-18388CRITICAL9.8ten sam produkt

eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local at...

CVE-2023-4383HIGH7.8ten sam produkt

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. T...

CVE-2021-26624HIGH7.8ten sam produkt

An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerabili...

CVE-2025-1366MEDIUM4.8ten sam produkt

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by...