@matt-clamxav
Created October 14, 2020 08:52
CVE-2020-26893
> [Suggested description]
> An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor
> could use a properly signed copy of ClamXAV 2 (running with an
> injected malicious dylib) to communicate with ClamXAV 3's helper tool
> and perform privileged operations. This occurs because of inadequate
> client verification in the helper tool.
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> Local privilege escalation
>
> ------------------------------------------
>
> [Vendor of Product]
> Canimaan Software
>
> ------------------------------------------
>
> [Affected Product Code Base]
> ClamXAV 3 - versions prior to 3.1.1
>
> ------------------------------------------
>
> [Affected Component]
> Privileged helper tool for the ClamXAV main application.
>
> ------------------------------------------
>
> [Attack Type]
> Local
>
> ------------------------------------------
>
> [Impact Escalation of Privileges]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> To exploit the vulnerability an attacker needs to inject a malicious dynamic library into ClamXAV 2,
> whilst running a vulnerable version of ClamXAV 3's helper tool on the same machine.
>
> ------------------------------------------
>
> [Has vendor confirmed or acknowledged the vulnerability?]
> true
>
> ------------------------------------------
>
> [Discoverer]
> Csaba Fitzl (@theevilbit) of Offensive Security
>
> ------------------------------------------
>
> [Reference]
> https://github.com/theevilbit
> https://twitter.com/theevilbit
> https://clamxav.com/news/