CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16897

In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2019-16897

K7computing » K7 Antivirus Premium » Version: 16.0.000

cpe:2.3:a:k7computing:k7_antivirus_premium:16.0.000
K7computing » K7 Antivirus Premium » Version: 16.0.0120

cpe:2.3:a:k7computing:k7_antivirus_premium:16.0.0120
K7computing » K7 Total Security » Version: 16.0.000

cpe:2.3:a:k7computing:k7_total_security:16.0.000
K7computing » K7 Total Security » Version: 16.0.0120

cpe:2.3:a:k7computing:k7_total_security:16.0.0120
K7computing » K7 Ultimate Security » Version: 16.0.000

cpe:2.3:a:k7computing:k7_ultimate_security:16.0.000
K7computing » K7 Ultimate Security » Version: 16.0.0117

cpe:2.3:a:k7computing:k7_ultimate_security:16.0.0117
K7computing » K7 Ultimate Security » Version: 16.0.0120

cpe:2.3:a:k7computing:k7_ultimate_security:16.0.0120

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-16897

Products

Pricing

Contact Us