TotalAV 5.15.69 Unquoted Service Path

Posted Sep 22, 2021
Authored by Andrea Intilangelo

TotalAV version 5.15.69 suffers from an unquoted service path vulnerability.

tags | exploit
advisories | CVE-2021-35313
SHA-256 | b4067cdc2ae6c288bb17fdcb1944098805ac09b753348b941b1e2a016ca7d586

# Exploit Title: TotalAV - Unquoted Service Path
# Date: 2021-09-22
# Exploit Author: Andrea Intilangelo
# Vendor Homepage: https://www.totalav.com
# Software Link: https://download.totalav.com/windows/beta-trial or https://install.protected.net/windows/cdn3/5.15.69/TotalAV.exe
# Version: 5.15.69
# Tested on: Windows 10 Pro 20H2 and 21H1 x64
# CVE: CVE-2021-35313

The PC Security Management Service, PC Security Management Monitoring Service, and Anti-Malware SDK Protected Service
services from TotalAV version 5.15.69 are affected by an unquoted service path (CWE-428) vulnerability, which may allow a
user to gain SYSTEM privileges, since they all run with higher privileges. To exploit the vulnerability, it is possible
to place executable(s) following the path of the unquoted string.

Affected executable services: SecurityService, SecurityServiceMonitor, AMSProtectedService:

PC Security Management Service             SecurityService         C:\Program Files (x86)\TotalAV\SecurityService.exe                          Auto
PC Security Management Monitoring Service  SecurityServiceMonitor  C:\Program Files (x86)\TotalAV\SecurityService.exe --monitor                Auto
Anti-Malware SDK Protected Service         AMSProtectedService     C:\Program Files (x86)\TotalAV\savapi\elam_ppl\amsprotectedservice.exe      Auto

C:\Users\user>sc qc SecurityService
[SC] QueryServiceConfig OPERAZIONI RIUSCITE

NOME_SERVIZIO: SecurityService
TIPO : 10 WIN32_OWN_PROCESS
TIPO_AVVIO : 2 AUTO_START
CONTROLLO_ERRORE : 1 NORMAL
NOME_PERCORSO_BINARIO : C:\Program Files (x86)\TotalAV\SecurityService.exe
GRUPPO_ORDINE_CARICAMENTO :
TAG : 0
NOME_VISUALIZZATO : PC Security Management Service
DIPENDENZE :
SERVICE_START_NAME : LocalSystem

C:\Users\user>sc qc SecurityServiceMonitor
[SC] QueryServiceConfig OPERAZIONI RIUSCITE

NOME_SERVIZIO: SecurityServiceMonitor
TIPO : 10 WIN32_OWN_PROCESS
TIPO_AVVIO : 2 AUTO_START
CONTROLLO_ERRORE : 1 NORMAL
NOME_PERCORSO_BINARIO : C:\Program Files (x86)\TotalAV\SecurityService.exe --monitor
GRUPPO_ORDINE_CARICAMENTO :
TAG : 0
NOME_VISUALIZZATO : PC Security Management Monitoring Service
DIPENDENZE :
SERVICE_START_NAME : LocalSystem

C:\Users\user>sc qc AMSProtectedService
[SC] QueryServiceConfig OPERAZIONI RIUSCITE

NOME_SERVIZIO: AMSProtectedService
TIPO : 10 WIN32_OWN_PROCESS
TIPO_AVVIO : 2 AUTO_START
CONTROLLO_ERRORE : 1 NORMAL
NOME_PERCORSO_BINARIO : C:\Program Files (x86)\TotalAV\savapi\elam_ppl\amsprotectedservice.exe
GRUPPO_ORDINE_CARICAMENTO :
TAG : 0
NOME_VISUALIZZATO : Anti-Malware SDK Protected Service
DIPENDENZE :
SERVICE_START_NAME : LocalSystem
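
An audit check for the condition shown above, added here as an example (it is not part of the original advisory or of the vendor's code): it classifies service binary path strings as quoted or unquoted-with-spaces and produces the quoted value a fix would use. The three TotalAV paths are copied from the listing above; the two control entries and all function names are assumptions made for illustration.

```python
import re

# Binary paths from the advisory's listing, plus two constructed controls.
SERVICES = {
    "SecurityService": r"C:\Program Files (x86)\TotalAV\SecurityService.exe",
    "SecurityServiceMonitor": r"C:\Program Files (x86)\TotalAV\SecurityService.exe --monitor",
    "AMSProtectedService": r"C:\Program Files (x86)\TotalAV\savapi\elam_ppl\amsprotectedservice.exe",
    "QuotedControl": r'"C:\Program Files\Example\svc.exe" --run',     # constructed
    "NoSpaceControl": r"C:\Windows\System32\svchost.exe -k netsvcs",  # constructed
}

# Executable part = shortest prefix ending in ".exe" that is followed by
# whitespace or end of string; anything after it is treated as arguments.
EXE_RE = re.compile(r"(.+?\.exe)(?=\s|$)(.*)", re.IGNORECASE | re.DOTALL)

def split_image_path(image_path):
    """Return (executable, arguments) for an unquoted binary path string."""
    value = image_path.strip()
    m = EXE_RE.match(value)
    if not m:
        return value, ""  # no ".exe" found: treat the whole value as the path
    return m.group(1), m.group(2).strip()

def audit(image_path):
    """Classify one binary path; 'quoted' holds the corrected value."""
    value = image_path.strip()
    if value.startswith('"'):
        return {"vulnerable": False, "quoted": value}  # already quoted
    exe, args = split_image_path(value)
    vulnerable = " " in exe  # a space inside the unquoted executable path (CWE-428)
    if not vulnerable:
        return {"vulnerable": False, "quoted": value}
    return {"vulnerable": True, "quoted": f'"{exe}"' + (f" {args}" if args else "")}

def audit_all(services):
    """Audit a mapping of service name -> binary path string."""
    return {name: audit(path) for name, path in services.items()}

if __name__ == "__main__":
    for name, result in audit_all(SERVICES).items():
        status = "UNQUOTED" if result["vulnerable"] else "ok"
        print(f"{name:24} {status:9} {result['quoted']}")
```
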

