PT-2026-5575 · Avast · Avast Secureline

Roberto Piña

Publicado

2020-03-24

Atualizado

2026-02-01

CVE-2020-37037

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Avast SecureLine version 5.5.522.0

Description The software contains an unquoted service path issue that may allow local users to execute code with elevated system privileges. An attacker can exploit the unquoted path within the service configuration to inject malicious code. This code would then execute with LocalSystem account permissions when the service starts.

Recommendations Apply updates to address the unquoted service path issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-428

Identificadores relacionados

BDU:2026-01097

CVE-2020-37037

Produtos afetados

Avast Secureline

PT-2026-5575 · Avast · Avast Secureline

CVE-2020-37037

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8