GCVE - cpe:2.3:a:avira:avira_prime:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:avira:avira_prime:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Avira (`d2f4bdaf-87bb-59b1-bc66-93d44750e024`)
Product	Avira Prime (`f9d6d441-af2c-53ea-b16a-1185d97fb780`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-51636`	vulnerable	2026-06-03 14:53:38.153903	Avira Prime Link Following Local Privilege Escalation Vulnerability HIGH (7.8) Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avira Spotlight Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21600. Published: 2024-05-22T19:16:48.396Z Updated: 2024-08-02T22:40:34.068Z Open on db.gcve.eu Reference links https://www.zerodayinitiative.com/advisories/ZDI-24-469/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-9320`	vulnerable	2026-06-03 14:43:13.307865	Details available Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and Cross Platform Anti-malware SDK. NOTE: Vendor asserts that vulnerability does not exist in product Published: 2020-02-20T21:39:43.000Z Updated: 2024-08-04T10:26:16.367Z Open on db.gcve.eu Reference links https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html https://www.zoller.lu/%5BTZO-01-2020%5D%20AVIRA%20Generic%20Bypass%20ISO.pdf http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html http://seclists.org/fulldisclosure/2020/Feb/31	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.