PT-2022-5144 · Avira · Avira Security

Filip Dragovic · Published 2022-10-17 · Updated 2023-08-08 · CVE-2022-3368

CVSS v2.0: 9.0 High
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Avira Security versions prior to 1.1.72.30556

Description

The issue is related to the Software Updater functionality of Avira Security, which allows an attacker with write access to the filesystem to escalate their privileges in certain scenarios. This is due to the possibility of downloading arbitrary files.

Recommendations

For versions prior to 1.1.72.30556, update to Avira Security version 1.1.72.30556 to resolve the issue. As a temporary workaround, consider restricting write access to the filesystem to minimize the risk of exploitation.

Exploit

Fix

Improper Privilege Management

Incorrect Default Permissions

Weakness Enumeration

Related Identifiers

BDU:2022-06401
CVE-2022-3368

Affected Products

Avira Security