CVE-2024-5102

A sym-linked file accessed via the repair function in Avast Antivirus troubleshooting - repair feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the...

PT-2024-34492 · Avast · Avast Antivirus

Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 24.2 Description: A vulnerability exists within the "Repair" feature of Avast Antivirus, which attempts to delete a file in the current user's AppData directory as NT AUTHORITYSYSTEM. A low-privileged user ca...

The vulnerability of the RealVNC remote access software relates to insecure management of privileges, allowing a hacker to elevate their own privileges.

The vulnerability of the RealVNC remote access software is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges by using the MSI installer Repair feature...

CVE-2021-37851

Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o...

CVE-2022-27167

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET...