cve/2023/CVE-2023-3438.md

### [CVE-2023-3438](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3438)
![](https://img.shields.io/static/v1?label=Product&message=Trellix%20Move&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%204.10.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-428%20Unquoted%20Search%20Path%20or%20Element&color=brighgreen)

### Description

An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.

### POC

#### Reference
- https://kcm.trellix.com/corporate/index?page=content&id=SB10404

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-3438](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3438)`
			`![](https://img.shields.io/static/v1?label=Product&message=Trellix%20Move&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%204.10.0%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-428%20Unquoted%20Search%20Path%20or%20Element&color=brighgreen)`

			`### Description`

			`An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.`

			`### POC`

			`#### Reference`
			`- https://kcm.trellix.com/corporate/index?page=content&id=SB10404`

			`#### Github`
			`No PoCs found on GitHub currently.`