Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024
CVE-2020-26893
CVE-2020-26893
Description
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper tool and perform privileged operations. This occurs because of inadequate client verification in the helper tool.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ClamXAV/ClamXAVdescription
Patches
Vulnerability mechanics
References
1- gist.github.com/matt-clamxav/d341bd48f12a14d2147f8ce860bb36d0mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.