CVE-2019-11230

In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename a critical product file (e.g., AvastSvc.exe), causing the product to fail to start on the next system restart.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
VendorProductVersion
avastantivirus
𝑥
< 19.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.mcerlane.co.uk/CVE-2019-11230/
http://www.securityfocus.com/bid/109344
http://www.mcerlane.co.uk/CVE-2019-11230/
http://www.securityfocus.com/bid/109344