CVE-2025-1370

Medium CVSS: 4.8

A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7.0.32 on Linux. Affected by this issue is the function sprintf of the file epsdaemon of the component Autoscan USB. The manipulation leads to os command injection. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Escanav

Product

Escan Anti-virus

CWE

CWE-77

Yayın Tarihi

2025-02-17 03:15:09

Güncelleme

2025-06-27 17:45:14

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-77 Escan Anti-virus MEDIUM Escanav 2025

Referanslar

https://github.com/dmknght/FIS_RnD/blob/main/escan_av_usb_protection_multiple_vulns.md https://vuldb.com/?ctiid.295976 https://vuldb.com/?id.295976 https://github.com/dmknght/FIS_RnD/blob/main/escan_av_usb_protection_multiple_vulns.md

Benzer Kayıtlar

Medium

CVE-2025-1368

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulner…

Low

CVE-2025-1369

A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Affected by this vulnerab…

Medium

CVE-2025-1367

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects…

Medium

CVE-2025-1366

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issu…

Medium

CVE-2025-1364

A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this…

Medium

CVE-2025-0797

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulne…