CVSS Base Vector:
This host is running AVG Antivirus and is prone to
a dll preloading vulnerability.
Checks if a vulnerable version is present on the target host.
The vulnerability gives attackers the ability to:
- load and execute malicious payloads using multiple signed services, within the context of Avast
- bypass the part of the self-defense mechanism that should prevent an attacker from tampering with processes
and files of Avast Antivirus and load an arbitrary DLL into the Antivirus process
- load and execute malicious payloads in a persistent way, each time the services are loaded.
The vulnerability can be used to achieve self-defense bypass, defense evasion,
persistence and privilege escalation.
All Editions of AVG Antivirus before version 19.8.
NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)
Update to AVG Antivirus version 19.8 or later.