An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe).
The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: trellix
Published: 2023-07-03T07:35:24.255Z
Updated: 2024-08-02T06:55:03.399Z
Reserved: 2023-06-28T07:03:39.592Z
Link: CVE-2023-3438
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-03T08:15:09.670
Modified: 2023-07-14T14:43:08.843
Link: CVE-2023-3438
Redhat
No data.