Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended impersonation or object creation. This vulnerability has been fixed in version 2018.12 and later.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Emsisoft Anti-Malware 权限许可和访问控制问题漏洞
Vulnerability Description
Emsisoft Anti-Malware是新西兰Emsisoft公司的一款防病毒软件。该软件具有恶意软件防护和病毒防护等功能。 Emsisoft Anti-Malware 2018.8.1.8923版本中的EPP.sys文件存在安全漏洞,该漏洞源于程序没有设置FILE_DEVICE_SECURE_OPEN标志(flag)。攻击者可利用该漏洞绕过访问控制列表。
CVSS Information
N/A
Vulnerability Type
N/A