CVE-2018-12572
First published: Sun Mar 17 2019(Updated: )
Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Avast Free Antivirus | <19.1.2360 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-12572?
CVE-2018-12572 is a vulnerability in Avast Free Antivirus prior to 19.1.2360 that allows local users to obtain sensitive information by dumping AvastUI.exe application memory.
How does CVE-2018-12572 work?
CVE-2018-12572 works by storing user credentials in memory upon login, which can be accessed by local users.
What is the severity of CVE-2018-12572?
CVE-2018-12572 has a severity rating of 7.8 (high).
How can I fix CVE-2018-12572?
To fix CVE-2018-12572, update Avast Free Antivirus to version 19.1.2360 or later.
Where can I find more information about CVE-2018-12572?
You can find more information about CVE-2018-12572 at the following link: [Avast Anti-Virus Local Credential Disclosure](http://packetstormsecurity.com/files/151590/Avast-Anti-Virus-Local-Credential-Disclosure.html)
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/avast
- canonical/avast free antivirus