TROYANOSYVIRUS
Volver a CVEs

CVE-2016-20058

HIGH
7.8

Descripcion

Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted service path and trigger service restart or system reboot to execute code with LocalSystem privileges.

Detalles CVE

Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado4/4/2026
Ultima modificacion4/4/2026
Fuentenvd
Avistamientos honeypot0

Debilidades (CWE)

CWE-428

Referencias

http://www.netgate.sk/(disclosure@vulncheck.com)
http://www.netgate.sk/download/download.php?id=11(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/40540(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/netgate-amiti-antivirus-build-unquoted-service-path-privilege-escalation(disclosure@vulncheck.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.