CVE-2024-7231
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-7231 is a newly discovered local privilege escalation vulnerability affecting Avast Cleanup Premium. An attacker who has already gained the ability to execute low-privileged code on a target system can exploit this flaw. The vulnerability is linked to the Avast Cleanup Service, which can be manipulated through the creation of a symbolic link. By deleting a specific file using this technique, an attacker can escalate privileges and ultimately execute arbitrary code with SYSTEM-level access. This vulnerability, previously identified as ZDI-CAN-22894, poses a serious risk to affected installations.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Avast Cleanup Premium
Affected Vendors
- Avast