First published: Mon Jul 03 2023(Updated: )
An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.
Credit: trellixpsirt@trellix.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trellix Move | <=4.10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-3438 is an unquoted Windows search path vulnerability that allows an unauthorized local user to insert arbitrary code into the unquoted service path, leading to privilege escalation and the ability to stop antimalware functionality.
CVE-2023-3438 impacts the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe) by allowing an unauthorized local user to exploit the unquoted service path to gain elevated privileges and disable antimalware functionality.
CVE-2023-3438 has a severity rating of high, with a CVSS score of 7.8.
To fix CVE-2023-3438, it is recommended to update to a version of MOVE that is not affected by the vulnerability.
For more information about CVE-2023-3438, you can visit the following link: [https://kcm.trellix.com/corporate/index?page=content&id=SB10404](https://kcm.trellix.com/corporate/index?page=content&id=SB10404)