Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-3523: Improper Input Validation in Antivirus Home

Severity: 6.9 MEDIUM (NVD); CNA: 6.8
EPSS: 0.2% (top 63.26%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Oct 1; latest update May 2

Description

aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625.

CVSS vector

AV:L/AC:M/C:C/I:C/A:C
Exploitability: 3.4 | Impact: 10.0

Affected Packages: 2 packages

🔴 Vulnerability Details (2)

GHSA: GHSA-65m7-qc75-24vh: aavmKer4 (2022-05-02)
CVEList: CVE-2009-3523: aavmKer4 (2009-10-01)

💥 Exploits & PoCs (1)

Exploit-DB: Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation (2010-04-27)