CVE-2023-1587

CVSS v3.1

5.8

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions Avast Antivirus versions prior to 22.11 AVG Antivirus versions prior to 22.11

Description The issue is related to a NULL pointer dereference problem via the RPC-interface, which could allow an attacker to cause a denial of service. The vulnerability is also associated with synchronization errors when using a shared resource.

Recommendations For Avast Antivirus versions prior to 22.11, update to version 22.11 to resolve the issue. For AVG Antivirus versions prior to 22.11, update to version 22.11 to resolve the issue. As a temporary workaround, consider restricting access to the RPC-interface until a patch is available.

Fix

Time Of Check To Time Of Use

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-367CWE-476

Related Identifiers

BDU:2023-02302

CVE-2023-1587

Affected Products

Avg Antivirus

Avast Antivirus

CVE-2023-1587

Weakness Enumeration

Related Identifiers

Affected Products

References · 7