K7computing: >> Ultimate Security >> 14.2.0.252 Security Vulnerabilities
In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be used to allow local users to write to arbitrary memory locations.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-01-16
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
CVSS Score
7.0
EPSS Score
0.001
Published
2018-01-16
In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-01-16
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.
CVSS Score
7.2
EPSS Score
0.009
Published
2015-02-06
Page 3