Avast AntiTrack Flaw Allows MitM Attacks on HTTPS Traffic
2020-03-11 11:50

A vulnerability in Avast's anti-tracking solution could allow malicious actors to perform man-in-the-middle attacks on HTTPS traffic, a security researcher has discovered.

The security flaw affects both Avast AntiTrack and AVG AntiTrack, which share underlying code, and lies in how the software filters HTTPS traffic.

Eade discovered that AntiTrack proxies traffic to HTTPS sites using its own certificates, after adding its own certificate to the Windows "Trusted Root Certification Authorities" store at installation.

According to Eade, Avast AntiTrack fails to check the validity of web server certificates, which makes it easy for an MitM attacker to serve a fake site using a self-signed certificate.

Tracked as CVE-2020-8987, the issues were reported to Avast in August last year and were fixed with the release of Avast AntiTrack version 1.5.1.172 and AVG AntiTrack version 2.0.0.178 in late February and early March 2020, respectively.
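The missing check described above sits on the proxy-to-server leg of an intercepting proxy. The following is an added example, not code from Avast or from the researcher: it builds that upstream TLS context with and without validation and audits it. The function names `upstream_context` and `audit_context` are hypothetical.

```python
import ssl


def upstream_context(validate=True):
    """TLS context an intercepting proxy uses when it connects to the real site.

    The browser trusts the proxy's own root, so every certificate the proxy
    mints looks valid to the user. The upstream check below is therefore the
    only remaining defence against a forged or self-signed server certificate.
    """
    # create_default_context() enables chain verification against the system
    # trust store and hostname matching.
    ctx = ssl.create_default_context()
    if not validate:
        # The CWE-295 pattern: accept whatever certificate the server presents.
        # check_hostname must be cleared before verify_mode can be CERT_NONE.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return a list of findings for an upstream TLS context (empty if sound)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("upstream certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("upstream hostname is not matched against the certificate")
    return findings


if __name__ == "__main__":
    for label, ctx in (("validating", upstream_context(True)),
                       ("non-validating", upstream_context(False))):
        problems = audit_context(ctx)
        print(label, "->", problems if problems else "ok")
```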


News URL

http://feedproxy.google.com/~r/Securityweek/~3/0Gr_y8lSaXA/avast-antitrack-flaw-allows-mitm-attacks-https-traffic

Related Vulnerability

DATE: 2020-03-09
CVE: CVE-2020-8987
VULNERABILITY TITLE: Improper Certificate Validation vulnerability in Avast Antitrack and AVG Antitrack
Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxies traffic to HTTPS sites but does not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate.
network, high complexity
avast, CWE-295
RISK: 7.4

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Avast 29 0 21 30 4 55