Avast Antivirus vulnerabilities

CVE-2020-15024 [MEDIUM] CWE-212 CVE-2020-15024: An issue was discovered in the Login Password feature of the Password Manager component in Avast Ant An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.

CVE-2020-10867 [CRITICAL] CWE-668 CVE-2020-10867: An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx librar An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled.

CVE-2020-10860 [HIGH] CWE-787 CVE-2020-10860: An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerab An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe).

CVE-2020-10861 [HIGH] CVE-2020-10861: An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx librar An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled.

CVE-2020-10863 [HIGH] CVE-2020-10863: An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx librar An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine.

CVE-2020-10868 [HIGH] CVE-2020-10868: An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx librar An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to launch the Repair App RPC call from a Low Integrity process.

CVE-2020-10865 [HIGH] CWE-829 CVE-2020-10865: An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx librar An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.

CVE-2020-10862 [HIGH] CVE-2020-10862: An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx librar An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Local Privilege Escalation (LPE) via RPC.

CVE-2020-10866 [HIGH] CWE-326 CVE-2020-10866: An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx librar An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to enumerate the network interfaces and access points from a Low Integrity process via RPC.

CVE-2020-10864 [MEDIUM] CVE-2020-10864: An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx librar An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a reboot via RPC from a Low Integrity process.

CVE-2019-18653 [MEDIUM] CWE-79 CVE-2019-18653: A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, Internet Security, and Premiere Edition) 19.3.2369 build 19.3.4241.440 in the Network Notification Popup, allowing an attacker to execute JavaScript code via an SSID Name.

CVE-2019-17093 [HIGH] CWE-427 CVE-2019-17093: An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloadi An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.454

CVE-2019-11230 [MEDIUM] CWE-59 CVE-2019-11230: In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename a critical product file (e.g., AvastSvc.exe), causing t

CVE-2017-8307 [CRITICAL] CVE-2017-8307: In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows servi In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabled. It is also exploitable in conjunction with CVE-2017-8308 when Avast Self-De

CVE-2017-8308 [HIGH] CWE-269 CVE-2017-8308: In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitr In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its components.