Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-4049 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Antivirus Home

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.4%

top 39.04%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Avast Antivirus Home Avast Antivirus Professional

Timeline

PublishedNov 23

Latest updateMay 2

Description

Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDavast/avast_antivirus_home4.8.1356.0

▶NVDavast/avast_antivirus_professional4.8.1356.0

🔴Vulnerability Details

GHSA

GHSA-842f-8x99-f2w9: Heap-based buffer overflow in aswRdr↗2022-05-02

▶

CVEList

CVE-2009-4049: Heap-based buffer overflow in aswRdr↗2009-11-23

▶

💥Exploits & PoCs

Exploit-DB

Avast! AntiVirus 4.8.1356 - 'aswRdr.sys' Driver Privilege Escalation↗2009-11-16

▶