CWE: 254

CVE-2016-4025

First published: Thu Nov 03 2016

Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.

Credit: cve@mitre.org

Affected Software                     Affected Version  How to fix
Avast Business Security               =11.1.2241
Avast Business Security               =11.1.2245
Avast Business Security               =11.1.2253
Avast Business Security               =11.1.2260
Avast Business Security               =11.1.2261
Avast Business Security               =11.1.2262
Avast Antivirus                       =11.1.2241
Avast Antivirus                       =11.1.2245
Avast Antivirus                       =11.1.2253
Avast Antivirus                       =11.1.2260
Avast Antivirus                       =11.1.2261
Avast Antivirus                       =11.1.2262
Avast Internet Security               =11.1.2241
Avast Internet Security               =11.1.2245
Avast Internet Security               =11.1.2253
Avast Internet Security               =11.1.2260
Avast Internet Security               =11.1.2261
Avast Internet Security               =11.1.2262
Avast Email Server Security           <=8.0.1609
Avast Email Server Security           =8.0.1606
Avast Endpoint Protection Suite       <=8.0.1609
Avast Endpoint Protection Suite       =8.0.1606
Avast Endpoint Protection             =8.0.1606
Avast Endpoint Protection             =8.0.1609
Avast Endpoint Protection Suite Plus  <=8.0.1609
Avast Endpoint Protection Suite Plus  =8.0.1606
Avast File Server Security            <=8.0.1609
Avast File Server Security            =8.0.1606


Frequently Asked Questions

  • What is the severity of CVE-2016-4025?

    CVE-2016-4025 has been classified with a high severity rating due to the potential for privilege escalation.

  • How do I fix CVE-2016-4025?

    To mitigate CVE-2016-4025, ensure that you update Avast software to the latest version that addresses this vulnerability.

  • What versions of Avast are affected by CVE-2016-4025?

    CVE-2016-4025 affects various versions of Avast including 11.x.x for Internet Security, Pro Antivirus, Premier, Free Antivirus, and versions up to 8.x.x for Business Security and Endpoint Protection.

  • How does CVE-2016-4025 impact system security?

    CVE-2016-4025 can potentially allow attackers to escape from the sandbox environment, leading to unauthorized access to the system.

  • Is CVE-2016-4025 being actively exploited?

    There is no public evidence indicating that CVE-2016-4025 is actively being exploited in the wild, but it is advised to patch the vulnerability to prevent any potential threats.
