Lucene search

[email protected]CVE-2020-13657

HistoryJun 29, 2020 - 6:15 p.m.

CVE-2020-13657

2020-06-2918:15:11

[email protected]

web.nvd.nist.gov

cve-2020-13657

avast free antivirus

avg antivirus free

elevation of privilege

vulnerability

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.

Affected configurations

NVD

Node

avastavg_antivirusRange<20.4free

avastfree_antivirusRange<20.4

CPENameOperatorVersion
avast:avg_antivirusavast avg antiviruslt20.4
avast:free_antivirusavast free antiviruslt20.4

CPE	Name	Operator	Version
avast:avg_antivirus	avast avg antivirus	lt	20.4
avast:free_antivirus	avast free antivirus	lt	20.4

References

forum.avast.com/index.php?topic=232423.0

forum.avast.com/index.php?topic=234638.0

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2020-13657

prion1 cvelist1 nvd1