SB2020040213 - Multiple vulnerabilities in Avast Antivirus
Published: April 2, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 9 secuirty vulnerabilities.
1) Improper access control (CVE-ID: CVE-2020-10868)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in che aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe). A remote attacker can bypass implemented security restrictions and launch the Repair App RPC call from a Low Integrity process.
2) Improper access control (CVE-ID: CVE-2020-10867)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe). A remote attacker can bypass implemented security restrictions and gain unauthorized access to the application.
3) Improper access control (CVE-ID: CVE-2020-10866)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe). A remote attacker can bypass implemented security restrictions and enumerate the network interfaces and access points from a Low Integrity process via RPC.
4) Input validation error (CVE-ID: CVE-2020-10864)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe). A remote attacker can trigger a reboot via RPC from a Low Integrity process.
5) Input validation error (CVE-ID: CVE-2020-10863)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe). A remote attacker can trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine.
6) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-10862)
The vulnerability allows a local attacker to escalate privileges on the system.
The vulnerability exists due to improper permission checks in the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe). A local attacker can gain elevated privileges via RPC on the target system.
7) Improper access control (CVE-ID: CVE-2020-10861)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe). A remote attacker can bypass implemented security restrictions and delete arbitrary files from Avast Program Path via RPC, when Self Defense is Enabled.
8) Buffer overflow (CVE-ID: CVE-2020-10860)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the aswAvLog Log Library. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.
9) Improper access control (CVE-ID: CVE-2020-10865)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe). A remote attacker can bypass implemented security restrictions and make arbitrary changes to the Components section of the "Stats.ini" file via RPC from a Low Integrity process.
Remediation
Install update from vendor's website.