CVE-2020-9320

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and Cross Platform Anti-malware SDK. NOTE: Vendor asserts that vulnerability does not exist in product
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
aviraanti-malware_sdk
𝑥
< 8.3.54.138
aviraantivirus_server
𝑥
< 8.3.54.138
aviraavira_antivirus_for_endpoint
𝑥
< 8.3.54.138
aviraavira_antivirus_for_small_business
𝑥
< 8.3.54.138
aviraavira_exchange_security
𝑥
< 8.3.54.138
aviraavira_free_security_suite
𝑥
< 8.3.54.138
aviraavira_internet_security_suite
𝑥
< 8.3.54.138
aviraavira_prime
𝑥
< 8.3.54.138
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html
http://seclists.org/fulldisclosure/2020/Feb/31
https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html
https://www.zoller.lu/%5BTZO-01-2020%5D%20AVIRA%20Generic%20Bypass%20ISO.pdf
http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html
http://seclists.org/fulldisclosure/2020/Feb/31
https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html
https://www.zoller.lu/%5BTZO-01-2020%5D%20AVIRA%20Generic%20Bypass%20ISO.pdf