Search criteria
18 vulnerabilities found for premium_security by avast
FKIE_CVE-2023-42125
Vulnerability from fkie_nvd - Published: 2024-05-03 03:15 - Updated: 2025-08-13 12:12
Severity ?
Summary
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
. Was ZDI-CAN-20383.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-23-1475/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-23-1475/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | premium_security | 22.12.6044 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:premium_security:22.12.6044:*:*:*:*:*:*:*",
"matchCriteriaId": "E61C42AF-2439-4207-BBC6-98C4CB7A0C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-20383."
},
{
"lang": "es",
"value": "Enlace de protecci\u00f3n de Avast Premium Security Sandbox despu\u00e9s de una vulnerabilidad de escalada de privilegios. Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de Avast Premium Security. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. La falla espec\u00edfica existe en la implementaci\u00f3n de la funci\u00f3n sandbox. Al crear un enlace simb\u00f3lico, un atacante puede abusar del servicio para crear objetos de espacio de nombres arbitrarios. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar c\u00f3digo arbitrario en el contexto de SYSTEM. Era ZDI-CAN-20383."
}
],
"id": "CVE-2023-42125",
"lastModified": "2025-08-13T12:12:48.143",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-05-03T03:15:51.797",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-706"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-42124
Vulnerability from fkie_nvd - Published: 2024-05-03 03:15 - Updated: 2025-08-13 12:17
Severity ?
Summary
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.
. Was ZDI-CAN-20178.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-23-1474/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-23-1474/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | premium_security | 22.12.6044 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:premium_security:22.12.6044:*:*:*:*:*:*:*",
"matchCriteriaId": "E61C42AF-2439-4207-BBC6-98C4CB7A0C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.\n. Was ZDI-CAN-20178."
},
{
"lang": "es",
"value": "Vulnerabilidad de escalada de privilegios de autorizaci\u00f3n incorrecta de Avast Premium Security Sandbox Protection. Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de Avast Premium Security. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. La falla espec\u00edfica existe en la implementaci\u00f3n de la funci\u00f3n sandbox. El problema se debe a una autorizaci\u00f3n incorrecta. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar c\u00f3digo arbitrario fuera del entorno limitado con una integridad media. Fue ZDI-CAN-20178."
}
],
"id": "CVE-2023-42124",
"lastModified": "2025-08-13T12:17:33.243",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-03T03:15:51.633",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1474/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1474/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-28965
Vulnerability from fkie_nvd - Published: 2022-05-20 02:15 - Updated: 2024-11-21 06:58
Severity ?
Summary
Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://forum.avast.com/index.php?topic=318305.0 | Patch, Release Notes, Vendor Advisory | |
| cve@mitre.org | https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://forum.avast.com/index.php?topic=318305.0 | Patch, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | premium_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:premium_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "189E6486-08D6-429D-9FD7-2F94F8F69E07",
"versionEndExcluding": "21.11.2500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuestro de DLL por medio de los componentes instup.exe y wsc_proxy.exe en Avast Premium Security versiones anteriores a v21.11.2500, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una Denegaci\u00f3n de Servicio (DoS) por medio de un archivo DLL dise\u00f1ado"
}
],
"id": "CVE-2022-28965",
"lastModified": "2024-11-21T06:58:15.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-20T02:15:07.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "https://forum.avast.com/index.php?topic=318305.0"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "https://forum.avast.com/index.php?topic=318305.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-28964
Vulnerability from fkie_nvd - Published: 2022-05-20 02:15 - Updated: 2024-11-21 06:58
Severity ?
Summary
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | premium_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:premium_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "189E6486-08D6-429D-9FD7-2F94F8F69E07",
"versionEndExcluding": "21.11.2500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escritura de archivos arbitrarios en Avast Premium Security versiones anteriores a 21.11.2500 (compilaci\u00f3n 21.11.6809.528) permite a atacantes causar una Denegaci\u00f3n de Servicio (DoS) por medio de un archivo DLL dise\u00f1ado"
}
],
"id": "CVE-2022-28964",
"lastModified": "2024-11-21T06:58:15.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-20T02:15:07.183",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://forum.avast.com/index.php?topic=317641.0"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://forum.avast.com/index.php?topic=317641.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-27241
Vulnerability from fkie_nvd - Published: 2021-03-29 21:15 - Updated: 2024-11-21 05:57
Severity ?
Summary
This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-21-208/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-21-208/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | premium_security | 20.8.2429 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:premium_security:20.8.2429:*:*:*:*:*:*:*",
"matchCriteriaId": "2686D810-4654-4FF3-A785-A2B43139967E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082."
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite a atacantes locales eliminar directorios arbitrarios en las instalaciones afectadas de Avast Premium Security versi\u00f3n 20.8.2429 (Build 20.8.5653.561).\u0026#xa0;Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo poco privilegiado en el sistema de destino para explotar esta vulnerabilidad.\u0026#xa0;El fallo espec\u00edfico se presenta dentro del m\u00f3dulo AvastSvc.exe.\u0026#xa0;Al crear una uni\u00f3n de directorio, un atacante puede abusar del servicio para eliminar un directorio.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para crear una condici\u00f3n de denegaci\u00f3n de servicio en el sistema.\u0026#xa0;Era ZDI-CAN-12082"
}
],
"id": "CVE-2021-27241",
"lastModified": "2024-11-21T05:57:40.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-29T21:15:12.593",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2019-18894
Vulnerability from fkie_nvd - Published: 2020-01-13 17:15 - Updated: 2024-11-21 04:33
Severity ?
Summary
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avast | premium_security | 19.8.2393 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:premium_security:19.8.2393:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE6BD45-D8CE-48A0-8429-5275739D8D00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox."
},
{
"lang": "es",
"value": "En Avast Premium Security versi\u00f3n 19.8.2393, los atacantes pueden enviar una petici\u00f3n especialmente dise\u00f1ada hacia el servidor web local ejecutado por Avast Antivirus en el puerto 27275 para admitir la funcionalidad Bank Mode. Un fallo en el procesamiento de un comando permite una ejecuci\u00f3n de comandos de Sistema Operativo arbitrarios con los privilegios del usuario actualmente conectado. Esto permite, por ejemplo, que los atacantes que comprometieron una extensi\u00f3n del navegador para escapar del sandbox del navegador."
}
],
"id": "CVE-2019-18894",
"lastModified": "2024-11-21T04:33:47.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-13T17:15:11.633",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-42125 (GCVE-0-2023-42125)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:13 – Updated: 2024-09-20 19:07
VLAI?
Summary
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
. Was ZDI-CAN-20383.
Severity ?
7.8 (High)
CWE
- CWE-706 - Use of Incorrectly-Resolved Name or Reference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Avast | Premium Security |
Affected:
Avast Premium Security 22.12.6044 (build 22.12.7758.769)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:avast:premium_security:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "premium_security",
"vendor": "avast",
"versions": [
{
"status": "affected",
"version": "22.12.6044 (build 22.12.7758.769)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-10T20:42:08.317986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T19:07:41.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:16:50.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1475",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Premium Security",
"vendor": "Avast",
"versions": [
{
"status": "affected",
"version": "Avast Premium Security 22.12.6044 (build 22.12.7758.769)"
}
]
}
],
"dateAssigned": "2023-09-06T16:25:45.534-05:00",
"datePublic": "2023-09-27T17:21:28.201-05:00",
"descriptions": [
{
"lang": "en",
"value": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-20383."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-706",
"description": "CWE-706: Use of Incorrectly-Resolved Name or Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:30:13.844Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1475",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/"
}
],
"source": {
"lang": "en",
"value": "Abdelhamid Naceri"
},
"title": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-42125",
"datePublished": "2024-05-03T02:13:31.242Z",
"dateReserved": "2023-09-06T21:14:24.437Z",
"dateUpdated": "2024-09-20T19:07:41.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42124 (GCVE-0-2023-42124)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:13 – Updated: 2024-09-18 18:30
VLAI?
Summary
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.
. Was ZDI-CAN-20178.
Severity ?
5.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Avast | Premium Security |
Affected:
Avast Premium Security 22.12.6044 (build 22.12.7758.769)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:avast:premium_security:r.47.0.0_autocad_2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "premium_security",
"vendor": "avast",
"versions": [
{
"status": "affected",
"version": "r.47.0.0_autocad_2021"
}
]
},
{
"cpes": [
"cpe:2.3:a:avast:premium_security:r.47.0.0_autocad_lt_2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "premium_security",
"vendor": "avast",
"versions": [
{
"status": "affected",
"version": "r.47.0.0_autocad_lt_2021"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T19:13:25.885336Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T19:29:39.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:16:50.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1474",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1474/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Premium Security",
"vendor": "Avast",
"versions": [
{
"status": "affected",
"version": "Avast Premium Security 22.12.6044 (build 22.12.7758.769)"
}
]
}
],
"dateAssigned": "2023-09-06T16:25:45.528-05:00",
"datePublic": "2023-09-27T17:21:24.118-05:00",
"descriptions": [
{
"lang": "en",
"value": "Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.\n. Was ZDI-CAN-20178."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:30:13.039Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1474",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1474/"
}
],
"source": {
"lang": "en",
"value": "Abdelhamid Naceri"
},
"title": "Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-42124",
"datePublished": "2024-05-03T02:13:30.533Z",
"dateReserved": "2023-09-06T21:14:24.437Z",
"dateUpdated": "2024-09-18T18:30:13.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28965 (GCVE-0-2022-28965)
Vulnerability from cvelistv5 – Published: 2022-05-20 01:13 – Updated: 2024-08-03 06:10
VLAI?
Summary
Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:10:58.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://forum.avast.com/index.php?topic=318305.0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T01:13:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://forum.avast.com/index.php?topic=318305.0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2",
"refsource": "MISC",
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2"
},
{
"name": "https://forum.avast.com/index.php?topic=318305.0",
"refsource": "MISC",
"url": "https://forum.avast.com/index.php?topic=318305.0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28965",
"datePublished": "2022-05-20T01:13:39",
"dateReserved": "2022-04-11T00:00:00",
"dateUpdated": "2024-08-03T06:10:58.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28964 (GCVE-0-2022-28964)
Vulnerability from cvelistv5 – Published: 2022-05-20 01:13 – Updated: 2024-08-03 06:10
VLAI?
Summary
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:10:57.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://forum.avast.com/index.php?topic=317641.0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T01:13:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://forum.avast.com/index.php?topic=317641.0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1",
"refsource": "MISC",
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1"
},
{
"name": "https://forum.avast.com/index.php?topic=317641.0",
"refsource": "MISC",
"url": "https://forum.avast.com/index.php?topic=317641.0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28964",
"datePublished": "2022-05-20T01:13:35",
"dateReserved": "2022-04-11T00:00:00",
"dateUpdated": "2024-08-03T06:10:57.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27241 (GCVE-0-2021-27241)
Vulnerability from cvelistv5 – Published: 2021-03-29 21:05 – Updated: 2024-08-03 20:48
VLAI?
Summary
This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082.
Severity ?
6.1 (Medium)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Avast | Premium Security |
Affected:
20.8.2429 (Build 20.8.5653.561)
|
Credits
Abdelhamid Naceri
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:15.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Premium Security",
"vendor": "Avast",
"versions": [
{
"status": "affected",
"version": "20.8.2429 (Build 20.8.5653.561)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Abdelhamid Naceri"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-29T21:05:30",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2021-27241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Premium Security",
"version": {
"version_data": [
{
"version_value": "20.8.2429 (Build 20.8.5653.561)"
}
]
}
}
]
},
"vendor_name": "Avast"
}
]
}
},
"credit": "Abdelhamid Naceri",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-27241",
"datePublished": "2021-03-29T21:05:31",
"dateReserved": "2021-02-16T00:00:00",
"dateUpdated": "2024-08-03T20:48:15.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18894 (GCVE-0-2019-18894)
Vulnerability from cvelistv5 – Published: 2020-01-13 16:13 – Updated: 2024-08-05 02:02
VLAI?
Summary
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-13T16:13:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18894",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/",
"refsource": "MISC",
"url": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18894",
"datePublished": "2020-01-13T16:13:02",
"dateReserved": "2019-11-12T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42125 (GCVE-0-2023-42125)
Vulnerability from nvd – Published: 2024-05-03 02:13 – Updated: 2024-09-20 19:07
VLAI?
Summary
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
. Was ZDI-CAN-20383.
Severity ?
7.8 (High)
CWE
- CWE-706 - Use of Incorrectly-Resolved Name or Reference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Avast | Premium Security |
Affected:
Avast Premium Security 22.12.6044 (build 22.12.7758.769)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:avast:premium_security:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "premium_security",
"vendor": "avast",
"versions": [
{
"status": "affected",
"version": "22.12.6044 (build 22.12.7758.769)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-10T20:42:08.317986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T19:07:41.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:16:50.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1475",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Premium Security",
"vendor": "Avast",
"versions": [
{
"status": "affected",
"version": "Avast Premium Security 22.12.6044 (build 22.12.7758.769)"
}
]
}
],
"dateAssigned": "2023-09-06T16:25:45.534-05:00",
"datePublic": "2023-09-27T17:21:28.201-05:00",
"descriptions": [
{
"lang": "en",
"value": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-20383."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-706",
"description": "CWE-706: Use of Incorrectly-Resolved Name or Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:30:13.844Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1475",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/"
}
],
"source": {
"lang": "en",
"value": "Abdelhamid Naceri"
},
"title": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-42125",
"datePublished": "2024-05-03T02:13:31.242Z",
"dateReserved": "2023-09-06T21:14:24.437Z",
"dateUpdated": "2024-09-20T19:07:41.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42124 (GCVE-0-2023-42124)
Vulnerability from nvd – Published: 2024-05-03 02:13 – Updated: 2024-09-18 18:30
VLAI?
Summary
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.
. Was ZDI-CAN-20178.
Severity ?
5.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Avast | Premium Security |
Affected:
Avast Premium Security 22.12.6044 (build 22.12.7758.769)
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:avast:premium_security:r.47.0.0_autocad_2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "premium_security",
"vendor": "avast",
"versions": [
{
"status": "affected",
"version": "r.47.0.0_autocad_2021"
}
]
},
{
"cpes": [
"cpe:2.3:a:avast:premium_security:r.47.0.0_autocad_lt_2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "premium_security",
"vendor": "avast",
"versions": [
{
"status": "affected",
"version": "r.47.0.0_autocad_lt_2021"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T19:13:25.885336Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T19:29:39.890Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:16:50.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1474",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1474/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Premium Security",
"vendor": "Avast",
"versions": [
{
"status": "affected",
"version": "Avast Premium Security 22.12.6044 (build 22.12.7758.769)"
}
]
}
],
"dateAssigned": "2023-09-06T16:25:45.528-05:00",
"datePublic": "2023-09-27T17:21:24.118-05:00",
"descriptions": [
{
"lang": "en",
"value": "Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.\n. Was ZDI-CAN-20178."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:30:13.039Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1474",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1474/"
}
],
"source": {
"lang": "en",
"value": "Abdelhamid Naceri"
},
"title": "Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-42124",
"datePublished": "2024-05-03T02:13:30.533Z",
"dateReserved": "2023-09-06T21:14:24.437Z",
"dateUpdated": "2024-09-18T18:30:13.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28965 (GCVE-0-2022-28965)
Vulnerability from nvd – Published: 2022-05-20 01:13 – Updated: 2024-08-03 06:10
VLAI?
Summary
Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:10:58.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://forum.avast.com/index.php?topic=318305.0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T01:13:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://forum.avast.com/index.php?topic=318305.0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2",
"refsource": "MISC",
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST2"
},
{
"name": "https://forum.avast.com/index.php?topic=318305.0",
"refsource": "MISC",
"url": "https://forum.avast.com/index.php?topic=318305.0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28965",
"datePublished": "2022-05-20T01:13:39",
"dateReserved": "2022-04-11T00:00:00",
"dateUpdated": "2024-08-03T06:10:58.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28964 (GCVE-0-2022-28964)
Vulnerability from nvd – Published: 2022-05-20 01:13 – Updated: 2024-08-03 06:10
VLAI?
Summary
An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:10:57.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://forum.avast.com/index.php?topic=317641.0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T01:13:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://forum.avast.com/index.php?topic=317641.0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1",
"refsource": "MISC",
"url": "https://github.com/netero1010/Vulnerability-Disclosure/tree/main/CVE-2022-AVAST1"
},
{
"name": "https://forum.avast.com/index.php?topic=317641.0",
"refsource": "MISC",
"url": "https://forum.avast.com/index.php?topic=317641.0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28964",
"datePublished": "2022-05-20T01:13:35",
"dateReserved": "2022-04-11T00:00:00",
"dateUpdated": "2024-08-03T06:10:57.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27241 (GCVE-0-2021-27241)
Vulnerability from nvd – Published: 2021-03-29 21:05 – Updated: 2024-08-03 20:48
VLAI?
Summary
This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082.
Severity ?
6.1 (Medium)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Avast | Premium Security |
Affected:
20.8.2429 (Build 20.8.5653.561)
|
Credits
Abdelhamid Naceri
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:15.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Premium Security",
"vendor": "Avast",
"versions": [
{
"status": "affected",
"version": "20.8.2429 (Build 20.8.5653.561)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Abdelhamid Naceri"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-29T21:05:30",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2021-27241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Premium Security",
"version": {
"version_data": [
{
"version_value": "20.8.2429 (Build 20.8.5653.561)"
}
]
}
}
]
},
"vendor_name": "Avast"
}
]
}
},
"credit": "Abdelhamid Naceri",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-27241",
"datePublished": "2021-03-29T21:05:31",
"dateReserved": "2021-02-16T00:00:00",
"dateUpdated": "2024-08-03T20:48:15.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18894 (GCVE-0-2019-18894)
Vulnerability from nvd – Published: 2020-01-13 16:13 – Updated: 2024-08-05 02:02
VLAI?
Summary
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-13T16:13:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18894",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/",
"refsource": "MISC",
"url": "https://palant.de/2020/01/13/pwning-avast-secure-browser-for-fun-and-profit/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18894",
"datePublished": "2020-01-13T16:13:02",
"dateReserved": "2019-11-12T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}