CVE-2021-45335
First published: Mon Dec 27 2021(Updated: )
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Avast AntiVirus | <20.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-45335?
CVE-2021-45335 is a vulnerability in Avast Antivirus where the Sandbox component has an insecure permission which could be abused by a local user to control the outcome of scans and potentially delete system files.
Which version of Avast Antivirus is affected by CVE-2021-45335?
Avast Antivirus prior to version 20.4 is affected by CVE-2021-45335.
What is the severity of CVE-2021-45335?
CVE-2021-45335 has a severity rating of 8.8 (high).
How can this vulnerability be exploited?
A local user can exploit CVE-2021-45335 by abusing the insecure permission in the Sandbox component of Avast Antivirus to control scan outcomes and potentially delete system files.
How can I fix CVE-2021-45335?
To fix CVE-2021-45335, update Avast Antivirus to version 20.4 or later.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/event
- agent/tags
- agent/softwarecombine
- agent/description
- agent/first-publish-date
- vendor/avast
- canonical/avast antivirus