CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-10867

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0330%
EPSS Percentile44.90th
Published2020年4月1日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled.

Affected Platforms (CPE)

📦
Avast

Antivirus

< 20.0

References & Advisories

🔗 https://forum.avast.com/index.php?topic=232420.0
🔗 https://forum.avast.com/index.php?topic=232423.0
🔗 https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md
🔗 https://forum.avast.com/index.php?topic=232420.0
🔗 https://forum.avast.com/index.php?topic=232423.0
🔗 https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md

関連する脆弱性情報

CVE-2004-048710.0

A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consump...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2000-079310.0

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first use...

CVE-2005-201710.0

Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the "Scan for viruses" option, which launches a h...