Premium Security
Approved changes feed: RSS · Atom
cpe:2.3:a:avast:premium_security:22.12.6044:*:*:*:*:*:*:*
part: a version: 22.12.6044 update: *
| Vendor | Avast (4c8df0f0-33ca-51f5-97dc-96fe6233c2d2) |
|---|---|
| Product | Premium Security (9ce9a904-0f19-591b-b8b0-904de4394949) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-42125 |
vulnerable | 2026-06-03 14:52:53.101221 |
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability
HIGH (7.8)
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
. Was ZDI-CAN-20383.
Published: 2024-05-03T02:13:31.242Z
Updated: 2024-09-20T19:07:41.026Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42124 |
vulnerable | 2026-06-03 14:52:53.100763 |
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability
MEDIUM (5.3)
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.
. Was ZDI-CAN-20178.
Published: 2024-05-03T02:13:30.533Z
Updated: 2024-09-18T18:30:13.039Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.