CVE-2020-13657

Published: Jun 29, 2020Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.

Affected (2)

Products: Avast: Avg Antivirus, Free Antivirus

Avast

2 products

Avg Antivirus

Free Antivirus

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Avast Avg Antivirus	Before 20.4
Avast Free Antivirus	Before 20.4

References (4)

https://forum.avast.com/index.php?topic=232423.0

Source: cve@mitre.org

Release NotesVendor Advisory

https://forum.avast.com/index.php?topic=234638.0

Source: cve@mitre.org

Vendor Advisory

https://forum.avast.com/index.php?topic=232423.0

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://forum.avast.com/index.php?topic=234638.0

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.