Cybersecurity specialists report the detection of two severe vulnerabilities in Avast Antivirus and AVG Antivirus, two of the most popular security and antivirus tools today. According to the report, successful exploitation of the flaws would allow threat actors to deploy dangerous attack scenarios.
Below are brief descriptions of the reported flaws, in addition to their respective identification keys and scores assigned under the Common Vulnerability Scoring System (CVSS).
CVE-2022-26522: The application does not impose adequate security restrictions on the “Anti Rootkit” driver within the “aswArPot.sys” kernel driver in aswArPot+0xc4a3, which would allow threat actors to evade security restrictions and lead to privilege escalation attacks.
This is a low severity flaw and received a CVSS score of 6.8/10.
CVE-2022-26523: The application does not correctly enforce security restrictions on the “Anti Rootkit” driver in aswArPot+0xc4a3, which could lead to circumvention of security restrictions and privilege escalation attacks.
This is a low-severity vulnerability and received a CVSS score of 6.8/10.
According to the report, the vulnerabilities reside in the following versions of the vulnerable products:
- Avast Antivirus: prior to 22.1
- AVG Antivirus: prior to 22.1
Flaws can be exploited locally by authenticated threat actors, although no active exploitation attempts have been detected so far. Still, users of affected deployments are encouraged to upgrade as soon as possible; the corrected versions are now available.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
