3 matches found
CVE-2020-12463
Avira Software Updater prior to 2.0.6.27476 is affected by an elevation of privilege due to improper handling of file hard links. This allows local users to take control of arbitrary files. CVSSv3.1 base score 7.8 (LOCAL, HIGH impact on confidentiality/integrity/availability); no exploit details ...
CVE-2019-17449
CVE-2019-17449 affects Avira Software Updater, prior to version 2.0.6.21094, which is vulnerable to a DLL side-loading attack via DLL preloading. The vulnerability is described as a local issue where exploiting it would require administrator privileges and could elevate to SYSTEM privileges (vend...
CVE-2019-11396
CVE-2019-11396 affects Avira Free Security Suite 10. The issue involves permissive access rights on the SoftwareUpdater folder and its configuration, which are incompatible with privileged file manipulation performed by the product. An unprivileged user can create files (via abuse of SwuConfig.js...