CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10861
https://notcve.org/view.php?id=CVE-2020-10861
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled. Se detectó un problema en Avast Antivirus versiones anteriores a 20. El endpoint de aswTask RPC para la biblioteca TaskEx en el Avast Service (AvastSvc.exe) permite a atacantes lograr una Eliminación de Archivos Arbitrarios de Avast Program Path por medio de una RPC, cuando Self Defense está Habilitada. • https://forum.avast.com/index.php?topic=232420.0 https://forum.avast.com/index.php?topic=232423.0 https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-10860
https://notcve.org/view.php?id=CVE-2020-10860
An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe). Se detectó un problema en Avast Antivirus versiones anteriores a 20. Una vulnerabilidad de Sobrescritura de Dirección de Memoria Arbitraria en la aswAvLog Log Library que resulta en una Denegación de Servicio del Avast Service (AvastSvc.exe). • https://forum.avast.com/index.php?topic=232420.0 https://forum.avast.com/index.php?topic=232423.0 https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-17093
https://notcve.org/view.php?id=CVE-2019-17093
An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.4546.0 and TuneupSmartScan.dll 19.1.884.0. Se detectó un problema en Avast antivirus versiones anteriores a 19.8 y AVG antivirus versiones anteriores a 19.8. Una vulnerabilidad de Precarga de DLL permite a un atacante implantar una biblioteca %WINDIR%\system32\wbemcomn.dll, que se carga en un proceso protected-light (PPL) y puede omitir algunos de los mecanismos de autodefensa. • https://safebreach.com/Post/Avast-Antivirus-AVG-Antivirus-DLL-Preloading-into-PPL-and-Potential-Abuses https://safebreach.com/blog • CWE-427: Uncontrolled Search Path Element •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14694
https://notcve.org/view.php?id=CVE-2019-14694
A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifilter for directory change notifications. This allows an attacker to cause a denial of service (BSOD) when an executable is run inside the container. Se puede desencadenar un fallo use-after-free en el contenedor sandbox implementado en cmdguard.sys en Comodo Antivirus 12.0.0.6870 debido a una condición de carrera al manejar solicitudes IRP_MJ_CLEANUP en el minifiltro para notificaciones de cambio de directorio. Esto permite que un atacante provoque una denegación de servicio (BSOD) cuando se ejecuta un ejecutable dentro del contenedor. • http://rce4fun.blogspot.com/2019/08/comodo-antivirus-sandbox-race-condition.html https://github.com/SouhailHammou/Exploits/blob/master/CVE-2019-14694%20-%20Comodo%20AV%20Sandbox%20Race%20Condition%20UAF/comodo_av_uaf_poc.c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1CVE-2019-14270
https://notcve.org/view.php?id=CVE-2019-14270
Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox Escape. Comodo Antivirus hasta la versión 12.0.0.6870, Comodo Firewall hasta la versión 12.0.0.6870, y Comodo Internet Security Premium hasta la versión 12.0.0.6870, con la característica Comodo Container, son vulnerables a un escape del Sandbox. • https://gaissecurity.com/yazi/discovery-of-sandbox-escape-on-comodo-container-antivirus-amp-firewall •