ByteOS Network

NVD Vulnerability Details :

CVE-2023-32179

Analyzed

Source-zdi-disclosures@trendmicro.com

Published At-03 May, 2024 | 02:15

Updated At-08 Aug, 2025 | 14:27

VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the FPQuarTransfer method. By creating a symbolic link, an attacker can abuse the method to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. . Was ZDI-CAN-19397.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.0	7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CPE Matches

vipre>>antivirus>>Versions before 12.0.1.203(exclusive)

cpe:2.3:a:vipre:antivirus:*:*:*:*:plus:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-59	Secondary	zdi-disclosures@trendmicro.com

References

Hyperlink	Source	Resource
https://success.vipre.com/en_US/antivirus-plus-release-notes/home-plus-release-notes-20230530	zdi-disclosures@trendmicro.com	Release Notes
https://www.zerodayinitiative.com/advisories/ZDI-23-759/	zdi-disclosures@trendmicro.com	Third Party Advisory
https://success.vipre.com/en_US/antivirus-plus-release-notes/home-plus-release-notes-20230530	af854a3a-2127-422b-91ae-364da2661108	Release Notes
https://www.zerodayinitiative.com/advisories/ZDI-23-759/	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History