Vba32 Personal Antivirus Insecure File Permissions Local Privilege Escalation Vulnerability

Vba32 Personal Antivirus Insecure File Permissions Local Privilege Escalation Vulnerability

Vba32 Personal is prone to a local privilege-escalation vulnerability that stems from a design error. This vulnerability occurs because the application assigns insecure file permissions to certain directories upon installation.

An attacker may exploit this vulnerability to overwrite files with arbitrary code in the affected directories. The arbitrary code will then run with SYSTEM-level privileges. This may facilitate a complete compromise of affected computers.

Vba32 Personal 3.12.2 is vulnerable to this issue; other versions may also be affected.