Local Credential Exposure in Avira Free Antivirus Software
CVE-2020-12680

5.5MEDIUM

Key Information:

Vendor: Avira
Status: Free Antivirus
Vendor: CVE Published:; 8 May 2020

What is CVE-2020-12680?

Avira Free Antivirus, specifically versions up to 15.0.2005.1866, presents a vulnerability allowing local users to access sensitive user credentials. The associated executable, Avira.PWM.NativeMessaging.exe, collects credentials stored in web browsers such as Chrome, Firefox, Opera, and Edge without properly verifying the calling program. As a result, requests aimed at fetching Chrome passwords or other stored credentials can be executed, potentially exposing sensitive information to unauthorized local users. Despite some third parties disputing the severity of this issue, it raises significant security concerns for users relying on Avira's antivirus solution.

References

https://twitter.com/taviso/status/1258448515912491026

x_refsource_MISC

https://medium.com/%40knikolenko/avira-free-antivirus-pas...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 8, 2020
Vulnerability Reserved
May 6, 2020