CVE-2024-20506 — Improper Check for Unusual or Exceptional Conditions in Clamav

CWE-754 — Improper Check for Unusual or Exceptional Conditions10 documents7 sources

Severity

6.1MEDIUMNVD

OSV7.5

EPSS

0.0%

top 89.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Clamav Cisco Clamav

Timeline

PublishedSep 4

Latest updateSep 17

Description

A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files. The vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker …

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages4 packages

▶NVDclamav/clamav0.104.0 — 1.0.7+3

▶Debianclamav/clamav< 1.0.7+dfsg-1~deb11u1+3

▶Ubuntuclamav/clamav< 0.103.12+dfsg-0ubuntu0.20.04.1+2

▶CVEListV5cisco/clamav24 versions+23

🔴Vulnerability Details

OSV

clamav vulnerabilities↗2024-09-17

▶

OSV

clamav vulnerabilities↗2024-09-16

▶

GHSA

GHSA-h5fr-q576-q7rv: A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1↗2024-09-05

▶

OSV

CVE-2024-20506: A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1↗2024-09-04

▶

CVEList

ClamAV Privilege Handling Escalation Vulnerability↗2024-09-04

▶

📋Vendor Advisories

Ubuntu

ClamAV vulnerabilities↗2024-09-17

▶

Ubuntu

ClamAV vulnerabilities↗2024-09-16

▶

Microsoft

ClamAV Privilege Handling Escalation Vulnerability↗2024-09-10

▶

Debian

CVE-2024-20506: clamav - A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions ...↗2024

▶