Denial-of-Service Vulnerability in AVG AntiVirus Free by AVG Technologies
CVE-2024-7235

5.5MEDIUM

Key Information:

Vendor: Avg
Status: Antivirus
Vendor: CVE Published:; 22 November 2024

What is CVE-2024-7235?

A vulnerability in AVG AntiVirus Free allows local attackers to exploit the AVG Service by creating a symbolic link that can lead to a denial-of-service condition. Attackers with low-privileged code execution capabilities can create a directory through this flaw, effectively disrupting the normal operations of the antivirus software and rendering the system vulnerable to further threats.

References

https://www.zerodayinitiative.com/advisories/ZDI-24-1006/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2024

Avg

What is CVE-2024-7235?

References

CVSS V3.1

Timeline