Unrated severityNVD Advisory· Published May 23, 2022· Updated Aug 3, 2024

TOCTOU Vulnerability in Quick Heal Total Security

CVE-2022-31466

Description

Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file by a symlink.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Quick Heal/Total Securitydescription
Quick Heal/Quick Heal Total Securityllm-create
Range: <=12.1.1.27

Patches

Vulnerability mechanics

References

softwaresec001.wordpress.com/2022/05/13/privilege-escalation-vulnerability-in-quick-heal-total-security/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000