Avast Antivirus before 20 Improper Input Validation Vulnerability

Summary

An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine.

Credit:

The information has been provided by Vendor

The original article can be found at https://forum.avast.com/index.php?topic=232420.0

 


Details

Vulnerable Systems:

Avast Antivirus before 20.

    CVE Information:

    CVE-2020-10863

    Disclosure Timeline:
    Published Date:04/08/2022

    Categories: News