Privilege escalation vulnerability in the Sandbox component of Avast Antivirus prior to 20.4 allows a local sandboxed code to gain elevated privileges by using system IPC interfaces which could lead to exit the sandbox and acquire SYSTEM privileges.
References
Link | Resource |
---|---|
https://github.com/the-deniss/Vulnerability-Disclosures/tree/main/CVE-2021-AVST3%20%26%20CVE-2021-AVST4%20%26%20CVE-2021-AVST5 | Exploit Third Party Advisory |
https://www.avast.com/hacker-hall-of-fame/en/researcher-david-eade-reports-antitrack-bug-to-avast-0 | Vendor Advisory |
Configurations
Information
Published : 2021-12-27 06:15
Updated : 2022-07-12 10:42
NVD link : CVE-2021-45336
Mitre link : CVE-2021-45336
JSON object : View
CWE
Products Affected
avast
- antivirus