Avast AntiTrack Flaw Allows MitM Attacks on HTTPS Traffic

2020-03-11 11:50

A vulnerability in Avast's anti-tracking solution could allow malicious actors to perform man-in-the-middle attacks on HTTPS traffic, a security researcher has discovered.

The security flaw, which impacts both Avast and AVG AntiTrack, as they share underlying code, resides in the manner in which the software filters HTTPS traffic.

Eade discovered that AntiTrack proxies traffic to HTTPS sites using its own certificates, after adding its own certificate to the Windows "Trusted Root Certification Authorities" store at installation.

According to Eade, Avast AntiTrack fails to check the validity of web server certificates, which makes it easy for an MitM attacker to serve a fake site using a self-signed certificate.

Tracked as CVE-2020-8987, the issues were reported to Avast in August last year and were fixed with the release of Avast AntiTrack version 1.5.1.172 and AVG AntiTrack version 2.0.0.178 in late February and early March 2020, respectively.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/0Gr_y8lSaXA/avast-antitrack-flaw-allows-mitm-attacks-https-traffic

#attack #avast #http #https #mitm #CVE-2020-8987

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-09	CVE-2020-8987	Improper Certificate Validation vulnerability in Avast Antitrack and AVG Antitrack Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. network avast CWE-295	5.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Avast		33	8	25	21	6	60

News URL

Related news

Related Vulnerability

Related vendor