CVE-2016-20058

CVE Database · CVE-2016-20058

CVE-2016-20058

· HIGHAnalyzed

CVSS v3.1

7.8

CVSS v4.0

8.5

EPSS

0.72%

Published

Apr 4, 2026

Modified

Apr 27, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted service path and trigger service restart or system reboot to execute code with LocalSystem privileges.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-428

Affected Products (1)

netgate · amiti_antivirusvulnerable

References (4)

http://www.netgate.sk/

Product

http://www.netgate.sk/download/download.php?id=11

Product

https://www.exploit-db.com/exploits/40540

ExploitVDB Entry

https://www.vulncheck.com/advisories/netgate-amiti-antivirus-build-unquoted-service-path-privilege-escalation

Third Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs