CVE-2020-12463

Published: May 5, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary files.

Affected (1)

Products: Avira: Software Updater

Avira

1 product

Software Updater

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Avira Software Updater	Before 2.0.6.27476

References (2)

https://support.avira.com/hc/en-us/articles/360000142857-Avira-Software-Updater

Source: cve@mitre.org

Release NotesVendor Advisory

https://support.avira.com/hc/en-us/articles/360000142857-Avira-Software-Updater

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.