Main Vulnerability Database Exploits ID:8701 - Exploit for Absolute Path Traversal in Avast Antivirus and AVG Antivirus - CVE-2022-4173

ID:8701 - Exploit for Absolute Path Traversal in Avast Antivirus and AVG Antivirus - CVE-2022-4173

Published: December 28, 2022

Vulnerability identifier: #VU70525

Vulnerability risk: Low

CVE-ID: CVE-2022-4173

CWE-ID: CWE-36

Exploitation vector: Local access

Vulnerable software:
Avast Antivirus
AVG Antivirus

Link to public exploit:

https://github.com/SafeBreach-Labs/aikido_wiper

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insecure file path processing within the malware removal functionality. A local user can remove arbitrary files on the system and escalate privileges.

Remediation

Install updates from vendor's website.

ID:8701 - Exploit for Absolute Path Traversal in Avast Antivirus and AVG Antivirus - CVE-2022-4173

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human