Local Privilege Escalation in Avast Antivirus Protecting Windows Systems
CVE-2020-10862

7.8HIGH

Key Information:

Vendor

Avast

Status
Antivirus
Vendor
CVE Published:
1 April 2020

What is CVE-2020-10862?

An issue exists in Avast Antivirus prior to version 20, where the aswTask RPC endpoint within the Avast Service (AvastSvc.exe) is susceptible to exploitation. Attackers can leverage this vulnerability to gain elevated privileges locally through RPC, potentially enabling unauthorized access and control within the affected system.

References

https://forum.avast.com/index.php?topic=232420.0
x_refsource_MISC
https://forum.avast.com/index.php?topic=232423.0
x_refsource_MISC
https://github.com/umarfarook882/Avast_Multiple_Vulnerabi...
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.