CVE-2023-3438

An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.

CVSS v3 4.4 MEDIUM

4.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://kcm.trellix.com/corporate/index?page=content&id=SB10404	Patch Vendor Advisory
https://kcm.trellix.com/corporate/index?page=content&id=SB10404	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:trellix:move:*:*:*:*:*:windows:*:*

History

21 Nov 2024, 08:17

Type	Values Removed	Values Added
References	~~() https://kcm.trellix.com/corporate/index?page=content&id=SB10404 - Patch, Vendor Advisory~~	() https://kcm.trellix.com/corporate/index?page=content&id=SB10404 - Patch, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 4.4

Information

Published : 2023-07-03 08:15

Updated : 2024-11-21 08:17

NVD link : CVE-2023-3438

Mitre link : CVE-2023-3438

CVE.ORG link : CVE-2023-3438

JSON object : View

Products Affected

trellix

move

CWE

CWE-428

Unquoted Search Path or Element

{"id": "CVE-2023-3438", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-07-03T08:15:09.670", "references": [{"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10404", "tags": ["Patch", "Vendor Advisory"], "source": "trellixpsirt@trellix.com"}, {"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10404", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "description": [{"lang": "en", "value": "CWE-428"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-428"}]}], "descriptions": [{"lang": "en", "value": "\nAn unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). \nThe misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.\n\n"}], "lastModified": "2024-11-21T08:17:16.007", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:trellix:move:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "2250DD3C-04D8-435D-A03A-E38C697001CD", "versionEndIncluding": "4.10.0"}], "operator": "OR"}]}], "sourceIdentifier": "trellixpsirt@trellix.com"}

4.4 /10