cbcvebase.
CVE-2021-45335
published 2021-12-27

CVE-2021-45335: Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and…

PriorityP344high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
EPSS
0.38%
29.6th percentile
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.

Affected

1 ranges
VendorProductVersion rangeFixed in
avastantivirus< 20.420.4

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.