PT-2020-20398 · Avira · Avira Free Antivirus

Published

2020-04-09

Updated

2021-07-21

CVE-2020-8961

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Avira Free-Antivirus versions prior to 15.0.2004.1825

Description An issue in the Self-Protection feature allows an external process to perform a write operation, enabling code injection to turn off this feature. After disabling the Self-Protection feature, an event can be constructed to modify a file at a specific location and passed to the driver, thereby defeating the anti-virus functionality.

Recommendations For Avira Free-Antivirus versions prior to 15.0.2004.1825, update to version 15.0.2004.1825 or later to resolve the issue. As a temporary workaround, consider restricting access to the Self-Protection feature until a patch is applied.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-8961

Affected Products

Avira Free Antivirus

PT-2020-20398 · Avira · Avira Free Antivirus

CVE-2020-8961

Related Identifiers

Affected Products

References · 4