eScan Anti-Virus Local Privilege Escalation Vulnerability via 'runasroot' Command

eScan Anti-Virus Local Privilege Escalation Vulnerability via 'runasroot' Command

CVE-2021-26624 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by manipulating parameter values.

Learn more about our Web Application Penetration Testing UK.