Elevation of Privilege Vulnerability in Avast Free Antivirus and AVG AntiVirus Free
CVE-2020-13657

5.5MEDIUM

Key Information:

Vendor: Avast
Status: Avg Antivirus; Free Antivirus
Vendor: CVE Published:; 29 June 2020

What is CVE-2020-13657?

An elevation of privilege vulnerability has been identified in Avast Free Antivirus and AVG AntiVirus Free due to the improper handling of hard links. This flaw allows local users to gain control over arbitrary files, posing a significant risk to users and their data. Users are urged to update their software to the latest version to mitigate this risk.

References

https://forum.avast.com/index.php?topic=234638.0

x_refsource_CONFIRM

https://forum.avast.com/index.php?topic=232423.0

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 29, 2020
Vulnerability Reserved
May 28, 2020