Lucene search

K
zdiFilip Dragovic (@filip_dragovic)ZDI-24-469
HistoryMay 17, 2024 - 12:00 a.m.

Avira Prime Link Following Local Privilege Escalation Vulnerability

2024-05-1700:00:00
Filip Dragovic (@filip_dragovic)
www.zerodayinitiative.com
1
avira prime
privilege escalation
symbolic link
vulnerability
avira spotlight service
arbitrary code

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.8%

This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avira Spotlight Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.8%

Related for ZDI-24-469