Vulnerability Details : CVE-2023-3438
An unquoted Windows search path vulnerability existed in the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe).
The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.
Vulnerability category: Gain privilege
Products affected by CVE-2023-3438
- cpe:2.3:a:trellix:move:*:*:*:*:*:windows:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-3438
- EPSS score: 0.04% (probability of exploitation activity in the next 30 days)
- Percentile: ~6% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2023-3438
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H | 0.8 | 3.6 | Trellix | |
CWE ids for CVE-2023-3438
- The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
  Assigned by:
  - nvd@nist.gov (Primary)
  - trellixpsirt@trellix.com (Secondary)
References for CVE-2023-3438
- https://kcm.trellix.com/corporate/index?page=content&id=SB10404
  Security Bulletin - Trellix Move 4.10.1 fixes vulnerability CVE-2023-3438 (Patch; Vendor Advisory)