CVE-2024-7228

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 22, 2024
Updated: Dec 9, 2024
CWE ID 59

Summary

CVE-2024-7228 is a denial-of-service vulnerability affecting Avast Free Antivirus. Local attackers can exploit this flaw by executing low-privileged code on the target system and creating a symbolic link within the Avast Service. This manipulation enables the creation of a folder that can cause a denial-of-service condition on the Avast Service and the system as a whole. The vulnerability, identified as ZDI-CAN-22806, was reported to Avast prior to public disclosure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Avast Free Antivirus

Affected Vendors

  • Avast