Elevation of Privilege Vulnerability in Avast Antivirus Prior to 24.2
CVE-2024-5102

7HIGH

Key Information:

Vendor: Avast
Status: Antivirus
Vendor: CVE Published:; 10 June 2024

What is CVE-2024-5102?

The vulnerability in Avast Antivirus involves the 'Repair' functionality accessible via the settings menu, which allows low-privilege users to exploit symlink and junction folder capabilities. By crafting a pseudo-symlink pointing to sensitive system files, a user can manipulate the process during a race condition. This could lead to unintended file deletions or the execution of commands with elevated privileges under NT AUTHORITY\SYSTEM, potentially compromising the integrity of the system and exposing it to further security threats.

Affected Version(s)

Antivirus Windows 24.2

References

https://support.norton.com/sp/static/external/tools/secur...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 10, 2024

Credit

Naor Hodorov