Vulnerabilities > Avast > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-5760 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Avast AVG Antivirus 23.8 A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests. | 7.0 |
| 2023-01-10 | CVE-2022-4294 | Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. | 7.8 |
| 2022-12-06 | CVE-2022-4173 | Improper Privilege Management vulnerability in Avast and AVG Antivirus A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. | 8.8 |
| 2021-12-27 | CVE-2021-45335 | Incorrect Default Permissions vulnerability in Avast Antivirus Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files. | 7.2 |
| 2021-12-27 | CVE-2021-45336 | Unspecified vulnerability in Avast Antivirus Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges. | 7.2 |
| 2021-12-27 | CVE-2021-45337 | Unspecified vulnerability in Avast Antivirus Privilege escalation vulnerability in the Self-Defense driver of Avast Antivirus prior to 20.8 allows a local user with SYSTEM privileges to gain elevated privileges by "hollowing" process wsc_proxy.exe which could lead to acquire antimalware (AM-PPL) protection. | 7.2 |
| 2021-12-27 | CVE-2021-45338 | Unspecified vulnerability in Avast Antivirus Multiple privilege escalation vulnerabilities in Avast Antivirus prior to 20.4 allow a local user to gain elevated privileges by calling unnecessarily powerful internal methods of the main antivirus service which could lead to the (1) arbitrary file delete, (2) write and (3) reset security. | 7.2 |
| 2021-12-27 | CVE-2021-45339 | Incorrect Authorization vulnerability in Avast Antivirus Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense. | 7.2 |
| 2021-04-21 | CVE-2020-23907 | Out-of-bounds Write vulnerability in Avast Retdec 3.3 An issue was discovered in retdec v3.3. | 7.5 |
| 2020-04-01 | CVE-2020-10867 | Exposure of Resource to Wrong Sphere vulnerability in Avast Antivirus An issue was discovered in Avast Antivirus before 20. | 7.5 |