CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
EPSS
Percentile
9.7%
BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.
Vendor | Product | Version | CPE |
---|---|---|---|
iss | blackice_pc_protection | 3.6cbd | cpe:2.3:a:iss:blackice_pc_protection:3.6cbd:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6cbr | cpe:2.3:a:iss:blackice_pc_protection:3.6cbr:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6cbz | cpe:2.3:a:iss:blackice_pc_protection:3.6cbz:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6cca | cpe:2.3:a:iss:blackice_pc_protection:3.6cca:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6ccb | cpe:2.3:a:iss:blackice_pc_protection:3.6ccb:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6ccc | cpe:2.3:a:iss:blackice_pc_protection:3.6ccc:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6ccd | cpe:2.3:a:iss:blackice_pc_protection:3.6ccd:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6cce | cpe:2.3:a:iss:blackice_pc_protection:3.6cce:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6ccf | cpe:2.3:a:iss:blackice_pc_protection:3.6ccf:*:*:*:*:*:*:* |
iss | blackice_pc_protection | 3.6ccg | cpe:2.3:a:iss:blackice_pc_protection:3.6ccg:*:*:*:*:*:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
EPSS
Percentile
9.7%