CVE-2023-31497
Published: 11 May 2023
Summary
CVE-2023-31497 is a high-severity an unspecified weakness vulnerability in Seqrite End Point Security. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 11.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-31497 is an incorrect access control vulnerability in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) affecting all versions prior to v8.0. The flaw enables local privilege escalation to root by supplying a crafted binary to the target system and is rated 7.8 under CVSS 3.1.
An attacker with a local account and low privileges can exploit the weakness without user interaction to obtain root-level control on systems running the vulnerable endpoint protection software. Public proof-of-concept code for the attack has been released on GitHub.
The EPSS score has remained in a moderate range near 0.12 with no material rise after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-35802
Vulnerability details
Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.