CVE-2022-AVAST1 (Arbitrary File Write that Leads to Defense Evasion and DOS)

Product

Avast - Premium Security

Version

21.11.2500 (build 21.11.6809.528)

Vulnerable Component

AvastSvc.exe

Description

When malware threat detection is triggered, "AvastSvc.exe" creates a directory under the C drive and a .db file. Because the directory grants the "Modify" permission to "Authenticated Users", any unprivileged user can modify or write to this Avast-controlled directory. With this setup, an unprivileged user can achieve an arbitrary file write by creating a symbolic link to a privileged location (e.g., C:\Windows\System32, C:\Program Files\Avast Software\Avast).
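An audit for the permission pattern described above, as an added example that is not part of the original advisory or of Avast's code: it lists directories directly under a root whose ACL lets broad, unprivileged groups create or delete entries. The `$Root` default, the set of principals checked and the rights mask are assumptions; the advisory does not name the affected directory.

```powershell
# Added example: find directories under $Root that unprivileged groups can modify.
param(
    [string]$Root = 'C:\'   # assumption: the advisory only says "a directory under C drive"
)

# Well-known SIDs of broad, unprivileged groups (locale-independent).
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

# Rights that let a principal create or replace entries inside a directory.
# Generic rights stored on inherit-only ACEs are not covered by this mask.
$WriteMask = [int]([System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
    [System.Security.AccessControl.FileSystemRights]::CreateDirectories -bor
    [System.Security.AccessControl.FileSystemRights]::Delete -bor
    [System.Security.AccessControl.FileSystemRights]::DeleteSubdirectoriesAndFiles)

Get-ChildItem -LiteralPath $Root -Directory -Force -ErrorAction SilentlyContinue |
ForEach-Object {
    $dir = $_
    try   { $acl = Get-Acl -LiteralPath $dir.FullName -ErrorAction Stop }
    catch { return }   # unreadable ACL: skip this directory

    # Resolve identities to SIDs so the match does not depend on display names.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        $sid = $rule.IdentityReference.Value
        if ($rule.AccessControlType -ne 'Allow')                 { continue }
        if (-not $BroadSids.ContainsKey($sid))                   { continue }
        if (([int]$rule.FileSystemRights -band $WriteMask) -eq 0) { continue }

        [pscustomobject]@{
            Path           = $dir.FullName
            Principal      = $BroadSids[$sid]
            Rights         = $rule.FileSystemRights
            Inherited      = $rule.IsInherited
            # A directory that is already a junction or symlink deserves a closer look.
            IsReparsePoint = [bool]($dir.Attributes -band [IO.FileAttributes]::ReparsePoint)
        }
    }
}
```

A directory reported here that a SYSTEM-level service also writes to matches the precondition in the description.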

Impact

The vulnerability could allow an unprivileged user to terminate the Avast antivirus and cause a DoS on the affected system.

Resolution

This vulnerability has been patched since Avast Premium Security 22.1.

Disclosure Timeline

19-01-2022 Vulnerability reported to Avast.

22-01-2022 Initial response from Avast.

11-02-2022 Avast confirmed the vulnerability and released a patch for the product.

References

https://forum.avast.com/index.php?topic=317641.0