PT-2020-20581 · Avira · Cross Platform Anti-Malware Sdk+7
Thierry Zoller
·
Published
2020-02-20
·
Updated
2024-08-04
·
CVE-2020-9320
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Avira AV Engine versions prior to 8.3.54.138
Antivirus for Endpoint versions prior to 8.3.54.138
Antivirus for Small Business versions prior to 8.3.54.138
Exchange Security (Gateway) versions prior to 8.3.54.138
Internet Security Suite for Windows versions prior to 8.3.54.138
Prime versions prior to 8.3.54.138
Free Security Suite for Windows versions prior to 8.3.54.138
Cross Platform Anti-malware SDK versions prior to 8.3.54.138
Description
The issue allows virus-detection bypass via a crafted ISO archive. This affects various Avira products.
Recommendations
For Avira AV Engine version prior to 8.3.54.138, update to version 8.3.54.138 or later.
For Antivirus for Endpoint version prior to 8.3.54.138, update to version 8.3.54.138 or later.
For Antivirus for Small Business version prior to 8.3.54.138, update to version 8.3.54.138 or later.
For Exchange Security (Gateway) version prior to 8.3.54.138, update to version 8.3.54.138 or later.
For Internet Security Suite for Windows version prior to 8.3.54.138, update to version 8.3.54.138 or later.
For Prime version prior to 8.3.54.138, update to version 8.3.54.138 or later.
For Free Security Suite for Windows version prior to 8.3.54.138, update to version 8.3.54.138 or later.
For Cross Platform Anti-malware SDK version prior to 8.3.54.138, update to version 8.3.54.138 or later.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Antivirus For Endpoint
Antivirus For Small Business
Avira Av Engine
Cross Platform Anti-Malware Sdk
Exchange Security
Free Security Suite For Windows
Internet Security Suite For Windows
Prime