Avast Antivirus vulnerabilities

CVE-2025-3500 [CRITICAL] CWE-190 CVE-2025-3500: Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privi Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3.

CVE-2025-8351 [CRITICAL] CWE-122 CVE-2025-8351: Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanni Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98.

CVE-2025-10101 [HIGH] CWE-122 CVE-2025-10101: Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a craft Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a crafted Mach-O file may allow Local Execution of Code or Denial of Service of antivirus protection. This issue affects Antivirus: from 15.7 before 3.9.2025.

CVE-2025-7007 [HIGH] CWE-476 CVE-2025-7007: NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when sc NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3.

CVE-2025-13032 [HIGH] CWE-367 CVE-2025-13032: Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3  on windows allows local attacker Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overflow.

CVE-2024-9484 [MEDIUM] CWE-476 CVE-2024-9484: An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.

CVE-2024-9481 [MEDIUM] CWE-787 CVE-2024-9481: An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 2 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.

CVE-2024-9483 [MEDIUM] CWE-476 CVE-2024-9483: A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24 A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing.

CVE-2024-9482 [MEDIUM] CWE-787 CVE-2024-9482: An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 2 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.

CVE-2024-5102 [HIGH] CWE-1284 CVE-2024-5102: A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow use A sym-linked file accessed via the repair function in Avast Antivirus troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the system. This can provide a low-privileged user an Eleva

CVE-2020-20118 [MEDIUM] CWE-120 CVE-2020-20118: Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a de Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver.

CVE-2023-1585 [MEDIUM] CWE-367 CVE-2023-1585: Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulner Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later.

CVE-2023-1587 [MEDIUM] CWE-476 CVE-2023-1587: Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-int Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11

CVE-2023-1586 [MEDIUM] CWE-367 CVE-2023-1586: Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulner Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11

CVE-2022-4294 [HIGH] CWE-269 CVE-2022-4294: Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vuln Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

CVE-2021-45339 [HIGH] CWE-863 CVE-2021-45339: Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elev Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense.

CVE-2021-45336 [HIGH] CVE-2021-45336: Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges.

CVE-2021-45338 [HIGH] CVE-2021-45338: Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3) reset security.

CVE-2021-45335 [HIGH] CWE-276 CVE-2021-45335: Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.

CVE-2021-45337 [HIGH] CVE-2021-45337: Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allow Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process wsc_proxy.exe which could lead to acquire antimalware (AM-PPL) protection.