Quickheal: >> Total Security >> 12.00 Security Vulnerabilities
Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file by a symlink.
CVSS Score
7.9
EPSS Score
0.0
Published
2022-05-23
A DLL hijacking vulnerability in the installed for Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code, via the installer not restricting the search path for required DLLs and then not verifying the signature of the DLLs it tries to load.
CVSS Score
7.9
EPSS Score
0.001
Published
2022-05-23
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password.
CVSS Score
4.4
EPSS Score
0.0
Published
2020-11-30
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.
CVSS Score
5.9
EPSS Score
0.001
Published
2020-11-30
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password.
CVSS Score
6.7
EPSS Score
0.001
Published
2020-11-30