PT-2019-14944 · Avast+1 · Avast!+1
Published
2019-10-21
·
Updated
2021-07-21
·
CVE-2019-17093
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Avast antivirus versions prior to 19.8
AVG antivirus versions prior to 19.8
Description
A DLL Preloading vulnerability allows an attacker to implant %WINDIR%system32wbemcomn.dll, which is loaded into a Protected Process Light (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe and TuneupSmartScan.dll.
Recommendations
For Avast antivirus versions prior to 19.8, update to version 19.8 or later.
For AVG antivirus versions prior to 19.8, update to version 19.8 or later.
As a temporary workaround, consider restricting access to the vulnerable components that use WMI, such as AVGSvc.exe and TuneupSmartScan.dll, until a patch is available.
Exploit
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Avg
Avast!