Design/Logic Flaw

2023-04-1919:15:00

PRIOn knowledge base

www.prio-n.com

avast

avg

toctou

vulnerability

restore process

arbitrary file creation

nvd

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11

CPENameOperatorVersion
antivirusge22.5
antiviruslt22.11
anti-virusge22.5
anti-viruslt22.11

Name	Operator	Version
antivirus	ge	22.5
antivirus	lt	22.11
anti-virus	ge	22.5
anti-virus	lt	22.11

References

support.norton.com/sp/static/external/tools/security-advisories.html