Null Pointer Dereference in AVG/Avast Antivirus on MacOS
CVE-2024-9483

5.5MEDIUM

Key Information:

Vendor: Avg
Status: Antivirus
Vendor: CVE Published:; 4 October 2024

What is CVE-2024-9483?

The vulnerability in AVG/Avast Antivirus, pertaining to the signature verification module, can lead to application crashes when processing malformed xar files. This flaw allows attackers to exploit a null-pointer-dereference, resulting in the software's instability on MacOS systems. Users are advised to avoid opening suspicious xar files and to apply any available software updates to mitigate potential risks.

References

https://support.norton.com/sp/static/external/tools/secur...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2024

Avg

What is CVE-2024-9483?

References

CVSS V3.1

Timeline