Vulnerability Details CVE-2019-13357
In Total Defense Anti-virus 9.0.0.773, resource acquisition from the untrusted search path C:\ used by caschelp.exe allows local attackers to hijack ccGUIFrm.dll, which leads to code execution. SYSTEM-level code execution can be achieved when the ccSchedulerSVC service runs the affected executable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
Products affected by CVE-2019-13357
-
cpe:2.3:a:totaldefense:anti-virus:9.0.0.773