Privileged File Delete (CVE-2019-18644)
Affected Products
- Total Defense Anti-virus 11.5.2.28
Vulnerability Type
Improper Access Control
Impact
Privileged File Delete
Summary
The malware scan function in Total Defense Anti-virus is vulnerable to a TOCTOU bug and symbolic link attacks allowing privileged files to be deleted.
Exploitation
- Disable automatic scanner,
- Manually scan malware,
- Delete the malware while scan is in progress,
- Create a symbolic link from the original malware path to a target file.