CVE-2023-7241 HIGH

CVE-2023-7241: Webroot Antivirus COM-Hijacking LPE

Vendor Webroot

Product Webroot AntiVirus (Consumer) and Webroot Endpoint Protection (Business)

Weakness CWE-269

Published May 1, 2024

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

7.9/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality None

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H

What the vulnerability does

01Description

Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files.

Key dates

02Disclosure timeline

May 1, 2024 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-7241 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

Identifiers

CVE CVE-2023-7241

CWE CWE-269

CVSS 7.9 / HIGH

Affected versions