Vulnerabilities > Avast > Antivirus

DATE CVE VULNERABILITY TITLE RISK
2021-12-27 CVE-2021-45335 Incorrect Default Permissions vulnerability in Avast Antivirus
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.
local
low complexity
avast CWE-276
8.8
2021-12-27 CVE-2021-45336 Unspecified vulnerability in Avast Antivirus
Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges.
local
low complexity
avast
8.8
2021-12-27 CVE-2021-45337 Unspecified vulnerability in Avast Antivirus
Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process wsc_proxy.exe which could lead to acquire antimalware (AM-PPL) protection.
local
low complexity
avast
8.8
2021-12-27 CVE-2021-45338 Unspecified vulnerability in Avast Antivirus
Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3) reset security.
local
low complexity
avast
7.8
2021-12-27 CVE-2021-45339 Incorrect Authorization vulnerability in Avast Antivirus
Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense.
local
low complexity
avast CWE-863
7.8
2020-09-10 CVE-2020-15024 Incomplete Cleanup vulnerability in Avast Antivirus 20.1.5069.562
An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562.
local
low complexity
avast CWE-459
5.5
2020-04-01 CVE-2020-10868 Unspecified vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast
7.5
2020-04-01 CVE-2020-10867 Exposure of Resource to Wrong Sphere vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-668
critical
9.8
2020-04-01 CVE-2020-10866 Inadequate Encryption Strength vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-326
7.5
2020-04-01 CVE-2020-10865 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Avast Antivirus
An issue was discovered in Avast Antivirus before 20.
network
low complexity
avast CWE-829
7.5