ikarussecurity CVE Vulnerabilities & Metrics

Focus on ikarussecurity vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About ikarussecurity Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with ikarussecurity. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total ikarussecurity CVEs: 16
Earliest CVE date: 19 Oct 2017, 22:29 UTC
Latest CVE date: 20 Dec 2017, 18:29 UTC

Latest CVE reference: CVE-2017-14969

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical ikarussecurity CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 6.91

Max CVSS: 7.6

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	1
4.0-6.9	0
7.0-8.9	15
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS ikarussecurity CVEs

These are the five CVEs with the highest CVSS scores for ikarussecurity, sorted by severity first and recency.

CVE-2017-15643 ikarussecurity Published on 19 Oct 2017, 22:29 UTC (CVSS: 7.6)
An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7. IKARUS AV for Windows uses cleartext HTTP for updates along with a CRC32 checksum and an update value for verification of the downloaded files. The attacker first forces the client to initiate an update transaction by modifying an update field within an HTTP 200 response, so that...
CVE-2017-14969 ikarussecurity Published on 20 Dec 2017, 18:29 UTC (CVSS: 7.2)
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000084, a related issue to CVE-2017-17114.
CVE-2017-14968 ikarussecurity Published on 20 Dec 2017, 18:29 UTC (CVSS: 7.2)
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c4, a related issue to CVE-2017-17113.
CVE-2017-14967 ikarussecurity Published on 20 Dec 2017, 18:29 UTC (CVSS: 7.2)
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000080.
CVE-2017-14966 ikarussecurity Published on 20 Dec 2017, 18:29 UTC (CVSS: 7.2)
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c0.

All CVEs for ikarussecurity

CVE-2017-14969 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 18:29 UTC

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000084, a related issue to CVE-2017-17114.

CVE-2017-14968 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 18:29 UTC

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c4, a related issue to CVE-2017-17113.

CVE-2017-14967 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 18:29 UTC

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000080.

CVE-2017-14966 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 18:29 UTC

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000c0.

CVE-2017-14965 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 18:29 UTC

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x830000cc.

CVE-2017-14964 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 18:29 UTC

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300005c.

CVE-2017-14963 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 18:29 UTC

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000058.

CVE-2017-14962 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 18:29 UTC

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Out of Bounds Write vulnerability because of not validating input values from IOCtl 0x83000058, a related issue to CVE-2017-17112.

CVE-2017-17804 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 09:29 UTC

In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000084.

CVE-2017-17797 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 09:29 UTC

CVE-2017-17795 ikarussecurity vulnerability CVSS: 7.2 20 Dec 2017, 09:29 UTC

CVE-2017-17114 ikarussecurity vulnerability CVSS: 7.2 04 Dec 2017, 08:29 UTC

ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 have a Memory Corruption vulnerability via a 0x83000084 DeviceIoControl request.

CVE-2017-17113 ikarussecurity vulnerability CVSS: 2.1 04 Dec 2017, 08:29 UTC

ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request.

CVE-2017-17112 ikarussecurity vulnerability CVSS: 7.2 04 Dec 2017, 08:29 UTC

ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Corruption vulnerability via a 0x83000058 DeviceIoControl request.

CVE-2017-14961 ikarussecurity vulnerability CVSS: 7.2 15 Nov 2017, 16:29 UTC

In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c.

CVE-2017-15643 ikarussecurity vulnerability CVSS: 7.6 19 Oct 2017, 22:29 UTC

An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7. IKARUS AV for Windows uses cleartext HTTP for updates along with a CRC32 checksum and an update value for verification of the downloaded files. The attacker first forces the client to initiate an update transaction by modifying an update field within an HTTP 200 response, so that it refers to a nonexistent update. The attacker then modifies the HTTP 404 response so that it specifies a successfully found update, with a Trojan horse executable file (e.g., guardxup.exe) and the correct CRC32 checksum for that file.