Description
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper tool and perform privileged operations. This occurs because of inadequate client verification in the helper tool.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://gist.github.com/matt-clamxav/d341bd48f12a14d2147f8ce860bb36d0
Scores
CVSS v3
7.8
EPSS
0.0023
EPSS Percentile
13.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-345
Status
published
Products (1)
clamxav/clamxav
3.0.0 - 3.1.1
Published
Oct 16, 2020
Tracked Since
Feb 18, 2026