Lucene search

K
zdiAbdelhamid NaceriZDI-23-1474
HistorySep 27, 2023 - 12:00 a.m.

(0Day) Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability

2023-09-2700:00:00
Abdelhamid Naceri
www.zerodayinitiative.com
7
avast premium security
sandbox
vulnerability
privilege escalation
arbitrary code

0.001 Low

EPSS

Percentile

28.9%

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.

0.001 Low

EPSS

Percentile

28.9%

Related for ZDI-23-1474