CVE-2024-7227
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-7227 is a local privilege escalation vulnerability affecting Avast Free Antivirus. This issue lies in the Avast Service and allows an attacker to escalate privileges by creating a symbolic link. To exploit this vulnerability, an attacker must first gain the ability to execute low-privileged code on the targeted system. By manipulating the symbolic link, an attacker can delete a file, which in turn enables them to escalate privileges and execute arbitrary code with SYSTEM-level access. This vulnerability, identified as ZDI-CAN-22272, poses a significant risk to affected installations of Avast Free Antivirus.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Avast Free Antivirus
Affected Vendors
- Avast