First published: Mon Dec 27 2021(Updated: )
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Avast AntiVirus | <20.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-45335 is a vulnerability in Avast Antivirus where the Sandbox component has an insecure permission which could be abused by a local user to control the outcome of scans and potentially delete system files.
Avast Antivirus prior to version 20.4 is affected by CVE-2021-45335.
CVE-2021-45335 has a severity rating of 8.8 (high).
A local user can exploit CVE-2021-45335 by abusing the insecure permission in the Sandbox component of Avast Antivirus to control scan outcomes and potentially delete system files.
To fix CVE-2021-45335, update Avast Antivirus to version 20.4 or later.