Local Privilege Escalation Vulnerability in AVG Internet Security by AVG Technologies
CVE-2024-6510

7.8HIGH

Key Information:

Vendor: Avg
Status: Internet Security
Vendor: CVE Published:; 12 September 2024

What is CVE-2024-6510?

AVG Internet Security v24 for Windows is susceptible to a Local Privilege Escalation vulnerability that allows an unprivileged local user to gain elevated privileges to the SYSTEM level through the exploitation of COM-Hijacking. This vulnerability highlights a critical flaw in the access control mechanisms of the software that could potentially enable an attacker to execute arbitrary code with elevated privileges, compromising the integrity and security of the affected system. Patching and mitigation strategies are advisable for users of this product.

References

https://www.cirosec.de/sa/sa-2023-008

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 12, 2024

Avg

What is CVE-2024-6510?

References

CVSS V3.1

Timeline