Overview
- Description
- An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avast:avg_antivirus:*:*:*:*:free:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DAB05E52-87C5-4597-835F-8EB6C35759F9",
"versionEndExcluding": "20.4"
},
{
"criteria": "cpe:2.3:a:avast:free_antivirus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3305B8C7-755C-4ADF-B95B-923EC073296B",
"versionEndExcluding": "20.4"
}
],
"operator": "OR"
}
]
}
]