Netgate AMITI Antivirus build 23.0.305 Unquoted Service Path Privilege Escalation

Description

Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted service path and trigger service restart or system reboot to execute code with LocalSystem privileges.

Affected Products

Vendor	Product	Versions
netgate	netgate amiti antivirus	23.0.305

References

https://www.exploit-db.com/exploits/40540(exploit)
http://www.netgate.sk/(product)
http://www.netgate.sk/download/download.php?id=11(product)
https://www.vulncheck.com/advisories/netgate-amiti-antivirus-build-unquoted-service-path-privilege-escalation(third-party-advisory)

Related News (1 articles)

Tier C

VulDB25d ago

CVE-2016-20058 | Netgate AMITI Antivirus 23.0.305 AmitiAntivirusHealth Service unquoted search path (Exploit 40540 / EDB-40540)

→ No new info (linked only)

CVSS 3.17.8 NONE

CISA KEV❌ No

Actively exploited❌ No

CWECWE-428

PublishedApr 4, 2026

Last enriched25d agov2

Trending Score2

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (2)

Version History

Last enriched 25d ago

v2Tier C25d ago

Updated severity to HIGH, marked exploit as available, and provided a more detailed description of the vulnerability.

severityexploitAvailabledescription

via VulDB

v125d ago

Initial creation