CVSS Base Vector:
This host is running Avast Antivirus and is prone to
a dll preloading vulnerability.
Checks if a vulnerable version is present on the target host.
The vulnerability gives attackers the ability to:
- load and execute malicious payloads using multiple signed services, within the context of Avast
- bypass the part of the self-defense mechanism that should prevent an attacker from tampering with processes
and files of Avast Antivirus and load an arbitrary DLL into the Antivirus process
- load and execute malicious payloads in a persistent way, each time the services are loaded.
The vulnerability can be used to achieve self-defense bypass, defense evasion,
persistence and privilege escalation.
All Editions of Avast Antivirus before version 19.8.
Update to Avast Antivirus version 19.8 or later.
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition
NVD CVE ID: