CVE-2024-5102

A sym-linked file accessed via the repair function in Avast Antivirus troubleshooting - repair feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the...

PT-2024-34492 · Avast · Avast Antivirus

Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 24.2 Description: A vulnerability exists within the "Repair" feature of Avast Antivirus, which attempts to delete a file in the current user's AppData directory as NT AUTHORITYSYSTEM. A low-privileged user ca...

CVE-2021-37851

Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o...

CVE-2022-27167

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET...