VYPR

K7 Ultimate Security

by K7 Computing

CVEs (4)

  • CVE-2019-16896HigDec 27, 2019
    risk 0.51cvss 7.8epss 0.00

    In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality.

  • CVE-2024-36424MedAug 6, 2024
    risk 0.39cvss 5.5epss 0.01

    K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference.

  • CVE-2014-9643Feb 6, 2015
    risk 0.03cvss epss 0.01

    K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or…

  • CVE-2025-67826Dec 22, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation (LPE) vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows…