CVE-2019-19382
First published: Tue Dec 03 2019(Updated: )
Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Local attackers can replace a .exe or .dll file to achieve privilege escalation.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Maxpcsecure Anti Virus Plus | =19.0.4.020 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for Max Secure Anti Virus Plus?
The vulnerability ID for Max Secure Anti Virus Plus is CVE-2019-19382.
What is the severity level of CVE-2019-19382?
The severity level of CVE-2019-19382 is high with a score of 7.8.
What is the description of CVE-2019-19382?
CVE-2019-19382 is a vulnerability in Max Secure Anti Virus Plus 19.0.4.020 that allows local attackers to replace .exe or .dll files and achieve privilege escalation due to insecure permissions on the installation directory.
How can local attackers exploit CVE-2019-19382?
Local attackers can exploit CVE-2019-19382 by replacing a .exe or .dll file in the Max Secure Anti Virus Plus installation directory.
Are there any references available for CVE-2019-19382?
Yes, references for CVE-2019-19382 can be found at the following URLs: [http://hyp3rlinx.altervista.org](http://hyp3rlinx.altervista.org), [http://packetstormsecurity.com/files/155506/Max-Secure-Anti-Virus-Plus-19.0.4.020-Insecure-Permissions.html](http://packetstormsecurity.com/files/155506/Max-Secure-Anti-Virus-Plus-19.0.4.020-Insecure-Permissions.html)
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- vendor/maxpcsecure
- canonical/maxpcsecure anti virus plus
- version/maxpcsecure anti virus plus/19.0.4.020