CVE-2018-6593

An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by connecting to the filter communication port and then using IOCTL 0x8000204C to \.\ZemanaAntiMalware to elevate privileges.

Published: Feb 3, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-6593
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
malwarefox / antimalware	2.74.0.150	2.74.0.150.x

https://github.com/SouhailHammou/Exploits/blob/master/CVE-2018-6593/Malwarefox_privescl_0.c
https://www.exploit-db.com/exploits/43973/

Vulnerability Database

290,206

CVE-2018-6593