CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13206 – REVE Antivirus reveinstall default permission
https://notcve.org/view.php?id=CVE-2024-13206
09 Jan 2025 — A vulnerability classified as critical has been found in REVE Antivirus 1.0.0.0 on Linux. This affects an unknown part of the file /usr/local/reveantivirus/tmp/reveinstall. The manipulation leads to incorrect default permissions. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. • https://github.com/hawkteam404/RnD_Public/blob/main/reve_av_multiple_vuln.md • CWE-266: Incorrect Privilege Assignment CWE-276: Incorrect Default Permissions •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5102 – Elevation of Privelage via symlinked file in Avast Antivirus
https://notcve.org/view.php?id=CVE-2024-5102
10 Jun 2024 — A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulnerability exists within the "Repair" (settings -> troubleshooting -> repair) feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the system. This can provide a low-priv... • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-20118
https://notcve.org/view.php?id=CVE-2020-20118
11 Jul 2023 — Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver. • http://avast.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1900 – Avira Free Antivirus Integer Overflow Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-1900
19 Apr 2023 — A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap and lead to a denial-of-service situation. Issue was fixed with Endpointprotection.exe version 1.0.2303.633 This vulnerability allows local attackers to escalate privileges on affected installations of Avira Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this... • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1587
https://notcve.org/view.php?id=CVE-2023-1587
19 Apr 2023 — Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11 • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1586
https://notcve.org/view.php?id=CVE-2023-1586
19 Apr 2023 — Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11 • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1585
https://notcve.org/view.php?id=CVE-2023-1585
19 Apr 2023 — Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, leading to arbitrary file/directory deletion. The issue was fixed with Avast and AVG Antivirus version 22.11 and virus definitions from 14 February 2023 or later. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-4294 – Norton, Avira, Avast and AVG Antivirus for Windows Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-4294
10 Jan 2023 — Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34008
https://notcve.org/view.php?id=CVE-2022-34008
21 Jun 2022 — Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder. Comodo Antivirus versión 12.2.2.8012, presenta un fallo de cuarentena que permite una escalada de privilegios. Para escalar privilegios, un atacante con pocos privilegios puede usar una unión de directorios NTFS para restaurar una DLL maliciosa de la cuarentena a la carpeta... • https://antivirus.comodo.com • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24671 – Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24671
16 Feb 2022 — A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de escalada de privilegios en Trend Micro Antivirus para Max versiones 11.0.2150 y anteriores, podría permitir a un atacante local modific... • https://helpcenter.trendmicro.com/en-us/article/TMKA-10937 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •