Platform
windows
Component
vipre-antivirus-plus
Fixed in
11.0.7
CVE-2023-32177 is a directory traversal vulnerability discovered in VIPRE Antivirus Plus. This flaw allows local attackers to escalate privileges by exploiting insufficient path validation within the DeleteHistoryFile method. The vulnerability impacts versions up to 11.0.6.22. A patch is available from the vendor to address this issue.
Successful exploitation of CVE-2023-32177 allows a local attacker to gain elevated privileges on a system running VIPRE Antivirus Plus. This means an attacker who already has some level of access (e.g., a standard user account) can potentially gain control over the entire system, including access to sensitive data and the ability to install malicious software. The attack involves crafting a malicious path that bypasses validation checks, allowing the attacker to access or modify files outside of the intended directory. This vulnerability is particularly concerning because it can lead to complete system compromise.
CVE-2023-32177 was publicly disclosed on May 3, 2024. The vulnerability is considered a local privilege escalation, requiring an attacker to already have some level of access to the system. There is no indication of active exploitation campaigns at this time, but the availability of a public proof-of-concept could change this. The EPSS score is pending evaluation, but the local privilege escalation nature suggests a potential for medium to high probability of exploitation.
Exploit Status
EPSS
0.07% (21% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2023-32177 is to upgrade to a patched version of VIPRE Antivirus Plus. The vendor has released a fix to address the path validation issue. If immediate patching is not possible due to compatibility concerns or system downtime requirements, consider restricting user access and monitoring file system activity for suspicious patterns. While a WAF or proxy is unlikely to be effective against this local privilege escalation vulnerability, implementing least privilege principles can limit the potential impact. After upgrading, confirm the fix by attempting to access files outside the intended directory using the vulnerable DeleteHistoryFile method; access should be denied.
Actualice VIPRE Antivirus Plus a una versión posterior a la 11.0.6.22 para corregir la vulnerabilidad de escalada de privilegios. Consulte las notas de la versión del proveedor para obtener más detalles sobre la actualización.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2023-32177 is a directory traversal vulnerability in VIPRE Antivirus Plus allowing local attackers to escalate privileges by manipulating file paths. It affects versions up to 11.0.6.22 and has a CVSS score of 7.8 (HIGH).
You are affected if you are using VIPRE Antivirus Plus version 11.0.6.22 or earlier. Check your installed version against the vendor's advisory for confirmation.
Upgrade to the latest patched version of VIPRE Antivirus Plus as provided by the vendor. Review the vendor's advisory for specific version details and instructions.
There is currently no confirmed evidence of active exploitation, but the availability of a proof-of-concept increases the risk. Monitor your systems for suspicious activity.
Refer to the VIPRE Security website or their support channels for the official advisory and patch information. Search for CVE-2023-32177 on their site.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.