Arbitrary File Write Vulnerability in Avast Premium Security by Avast
CVE-2022-28964

7.1HIGH

Key Information:

Vendor: Avast
Status: Premium Security
Vendor: CVE Published:; 20 May 2022

What is CVE-2022-28964?

An arbitrary file write vulnerability in Avast Premium Security versions prior to v21.11.2500 enables attackers to exploit crafted DLL files. This can result in potential Denial of Service (DoS) situations, affecting the overall security and performance of the software.

References

https://github.com/netero1010/Vulnerability-Disclosure/tr...

x_refsource_MISC

https://forum.avast.com/index.php?topic=317641.0

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2022
Vulnerability Reserved
Apr 11, 2022