Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
CVE-2020-26893
> [Suggested description]
> An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor
> could use a properly signed copy of ClamXAV 2 (running with an
> injected malicious dylib) to communicate with ClamXAV 3's helper tool
> and perform privileged operations. This occurs because of inadequate
> client verification in the helper tool.
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> Local privilege escalation
>
> ------------------------------------------
>
> [Vendor of Product]
> Canimaan Software
>
> ------------------------------------------
>
> [Affected Product Code Base]
> ClamXAV 3 - versions prior to 3.1.1
>
> ------------------------------------------
>
> [Affected Component]
> Privileged helper tool for the ClamXAV main application.
>
> ------------------------------------------
>
> [Attack Type]
> Local
>
> ------------------------------------------
>
> [Impact Escalation of Privileges]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> To exploit the vulnerability an attacker needs to inject a malicious dynamic library into ClamXAV 2,
> whilst running a vulnerable version of ClamXAV 3's helper tool on the same machine.
>
> ------------------------------------------
>
> [Has vendor confirmed or acknowledged the vulnerability?]
> true
>
> ------------------------------------------
>
> [Discoverer]
> Csaba Fitzl (@theevilbit) of Offensive Security
>
> ------------------------------------------
>
> [Reference]
> https://github.com/theevilbit
> https://twitter.com/theevilbit
> https://clamxav.com/news/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.