CVE-2020-10861
First published: Wed Apr 01 2020(Updated: )
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Avast AntiVirus | <20.0 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-10861?
CVE-2020-10861 is a vulnerability discovered in Avast Antivirus before version 20.0 that allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC when Self Defense is Enabled.
How severe is CVE-2020-10861?
CVE-2020-10861 has a severity rating of 7.5 out of 10, indicating a high severity.
Which software is affected by CVE-2020-10861?
Avast Antivirus versions prior to 20.0 are affected by CVE-2020-10861.
How can an attacker exploit CVE-2020-10861?
An attacker can exploit CVE-2020-10861 by leveraging the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled.
Is Microsoft Windows affected by CVE-2020-10861?
No, Microsoft Windows is not directly affected by CVE-2020-10861.
- collector/nvd-index
- vendor/avast
- product/antivirus
- canonical/avast antivirus
- vendor/microsoft
- product/windows
- canonical/microsoft windows