cvedb.io
CVE-2022-31466
HIGH · CVSS 7.9
EPSS exploitation probability: 0%
Published 2022-05-23T19:16:07.740 · Last modified 2026-06-17T04:45:29.133

Summary

Time of Check - Time of Use (TOCTOU) vulnerability in Quick Heal Total Security prior to 12.1.1.27 allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved through exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file by a symlink.

Affected products

quickheal — total_security

Does this affect you?

Add your gear to cvedb and we'll alert you only when quickheal ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.