CVE-2019-13356

In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service loads the DLL.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
VendorProductVersion
totaldefenseanti-virus
9.0.0.773
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/NtRaiseHardError/Antimalware-Research/tree/master/Total%20Defense/Local%20Privilege%20Escalation/v9.0.0.773
https://www.totaldefense.com/security-blog
https://github.com/NtRaiseHardError/Antimalware-Research/tree/master/Total%20Defense/Local%20Privilege%20Escalation/v9.0.0.773
https://www.totaldefense.com/security-blog