TOCTOU Vulnerability in Avira Internet Security Optimizer Component
CVE-2026-27750
Key Information:
- Vendor
Gen Digital Inc.
- Status
- Vendor
- CVE Published:
- 5 March 2026
Badges
What is CVE-2026-27750?
Avira Internet Security is susceptible to a time-of-check time-of-use vulnerability in its Optimizer component. This issue arises when a privileged service, executing as SYSTEM, fails to revalidate target directories post-scan. An attacker with local access could exploit this flaw by replacing a verified directory with a junction or reparse point prior to the cleanup phase. Consequently, the privileged process might inadvertently delete critical system locations, potentially resulting in the loss of protected files or directories, local privilege escalation, or denial of service. This vulnerability poses significant risks to system integrity.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Avira Internet Security Windows 0 <= 1.1.109.1990
Avira Internet Security Windows 1.1.114.3113
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved