Lucene search

[email protected]CVE-2022-4173

HistoryDec 06, 2022 - 12:15 a.m.

CVE-2022-4173

2022-12-0600:15:10

CWE-269

[email protected]

web.nvd.nist.gov

avast

avg

antivirus

vulnerability

privilege escalation

nvd

cve-2022-4173

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avast and AVG Antivirus version 22.10.

Affected configurations

NVD

Node

avastavastRange20.5–22.9

avastavg_antivirusRange20.5–22.9

CPENameOperatorVersion
avast:avastavastle22.9
avast:avg_antivirusavast avg antivirusle22.9

CPE	Name	Operator	Version
avast:avast	avast	le	22.9
avast:avg_antivirus	avast avg antivirus	le	22.9

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "Avast and AVG Antivirus",
    "vendor": "NortonLifeLock",
    "versions": [
      {
        "lessThanOrEqual": "22.9",
        "status": "affected",
        "version": "20.5",
        "versionType": "custom"
      }
    ]
  }
]

References

support.norton.com/sp/static/external/tools/security-advisories.html

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Related for CVE-2022-4173

nvd1 prion1 cvelist1 thn1