First published: Wed Apr 01 2020(Updated: )
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Avast AntiVirus | <20.0 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Avast Antivirus issue is CVE-2020-10863.
The affected software is Avast AntiVirus version up to and excluding 20.0.
CVE-2020-10863 has a severity rating of 7.5 (high).
Attackers can trigger a shutdown via Remote Procedure Call (RPC) from a Low Integrity process using the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe).
No, Microsoft Windows is not affected by this vulnerability.
You can find more information about this vulnerability in the Avast forum and the GitHub repository for Avast Multiple Vulnerability Disclosure.