CVE-2023-31497

HIGH

Seqrite Endpoint Security <8.0 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-31497. PoCs published by 0xInfection.

AI-analyzed exploit summary This repository contains a functional privilege escalation exploit for CVE-2023-31497, targeting Seqrite Endpoint Security (EPS) versions prior to 8.0. The exploit leverages weak file permissions in `/usr/lib/Seqrite/` and `/etc/init.d/` to overwrite startup scripts or daemon binaries with a reverse shell payload.

Description

Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system.

Exploits (1)

nomisec WORKING POC 18 stars
by 0xInfection · poc
https://github.com/0xInfection/EPScalate

This repository contains a functional privilege escalation exploit for CVE-2023-31497, targeting Seqrite Endpoint Security (EPS) versions prior to 8.0. The exploit leverages weak file permissions in `/usr/lib/Seqrite/` and `/etc/init.d/` to overwrite startup scripts or daemon binaries with a reverse shell payload.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Seqrite Endpoint Security (EPS) < 8.0
No auth needed
Prerequisites: Local access to a vulnerable system · GCC (for binary compilation technique) · Netcat or Metasploit listener for reverse shell
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Third Party Advisory
https://github.com/0xInfection/EPScalate

Scores

CVSS v3 7.8
EPSS 0.0052
EPSS Percentile 39.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

Status published
Products (1)
seqrite/end_point_security < 8.0
Published May 11, 2023
Tracked Since Feb 18, 2026