- Description
- An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:avg_antivirus:*:*:*:*:free:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DAB05E52-87C5-4597-835F-8EB6C35759F9",
"versionEndExcluding": "20.4"
},
{
"criteria": "cpe:2.3:a:avast:free_antivirus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3305B8C7-755C-4ADF-B95B-923EC073296B",
"versionEndExcluding": "20.4"
}
],
"operator": "OR"
}
]
}
]