CVE-2024-7228
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 22, 2024
Updated: Dec 9, 2024
CWE ID 59
Summary
CVE-2024-7228 is a denial-of-service vulnerability affecting Avast Free Antivirus. Local attackers can exploit this flaw by executing low-privileged code on the target system and creating a symbolic link within the Avast Service. This manipulation enables the creation of a folder that can cause a denial-of-service condition on the Avast Service and the system as a whole. The vulnerability, identified as ZDI-CAN-22806, was reported to Avast prior to public disclosure.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Avast Free Antivirus
Affected Vendors
- Avast