Avast · Avast Business Antivirus For Linux · CVE-2025-4134
**Name of the Vulnerable Software and Affected Versions**
Avast Business Antivirus for Linux version 4.5
**Description**
The issue is related to a lack of file validation in the `do update vps` function, allowing a local user to potentially spoof or tamper with update files through unverified file writes.
**Recommendations**
For Avast Business Antivirus for Linux version 4.5, consider restricting access to the `do update vps` function until a patch is available. As a temporary workaround, ensure that all update files are thoroughly verified before installation to minimize the risk of exploitation.