CVE-2025-0798

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS v3 8.1 HIGH
CVSS v2.0 7.6 HIGH

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.6^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 4.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://github.com/dmknght/FIS_RnD/blob/main/escan_rtscanner_rce.md	Exploit Third Party Advisory
https://vuldb.com/?ctiid.293921	Permissions Required VDB Entry
https://vuldb.com/?id.293921	Third Party Advisory VDB Entry
https://vuldb.com/?submit.484718	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

cpe:2.3:a:escanav:escan_anti-virus:7.0.32:*:*:*:*:linux:*:*

History

09 Oct 2025, 20:53

Type	Values Removed	Values Added
First Time		Escanav Escanav escan Anti-virus
CPE		cpe:2.3:a:escanav:escan_anti-virus:7.0.32:::::linux::
References	~~() https://github.com/dmknght/FIS_RnD/blob/main/escan_rtscanner_rce.md -~~	() https://github.com/dmknght/FIS_RnD/blob/main/escan_rtscanner_rce.md - Exploit, Third Party Advisory
References	~~() https://vuldb.com/?ctiid.293921 -~~	() https://vuldb.com/?ctiid.293921 - Permissions Required, VDB Entry
References	~~() https://vuldb.com/?id.293921 -~~	() https://vuldb.com/?id.293921 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?submit.484718 -~~	() https://vuldb.com/?submit.484718 - Third Party Advisory, VDB Entry
Summary		(es) Se ha encontrado una vulnerabilidad en MicroWorld eScan Antivirus 7.0.32 en Linux. Se ha calificado como crítica. Este problema afecta a algunos procesos desconocidos del archivo rtscanner del componente Quarantine Handler. La manipulación conduce a la inyección de comandos del sistema operativo. El ataque puede iniciarse de forma remota. La complejidad de un ataque es bastante alta. Se sabe que la explotación es difícil. La explotación se ha hecho pública y puede utilizarse. Se contactó primeramente con el proveedor sobre esta revelación, pero no respondió de ninguna manera.

29 Jan 2025, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-29 02:15

Updated : 2025-10-09 20:53

NVD link : CVE-2025-0798

Mitre link : CVE-2025-0798

CVE.ORG link : CVE-2025-0798

JSON object : View

Products Affected

escanav

escan_anti-virus

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

8.1 /10