PT-2023-2508 · Avast+1 · Avast Antivirus+1
Published
2023-02-14
·
Updated
2023-05-01
·
CVE-2023-1585
CVSS v3.1
6.5
Medium
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
Avast Antivirus versions prior to 22.11
AVG Antivirus versions prior to 22.11
Description
The issue is related to a Time-of-check/Time-of-use (TOCTOU) vulnerability in the Quarantine process, which can lead to arbitrary file or directory deletion. This vulnerability is associated with synchronization errors when using a shared resource.
Recommendations
For Avast Antivirus versions prior to 22.11, update to version 22.11 or later and ensure virus definitions from 14 February 2023 or later are installed.
For AVG Antivirus versions prior to 22.11, update to version 22.11 or later and ensure virus definitions from 14 February 2023 or later are installed.
Fix
Time Of Check To Time Of Use
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Avg Antivirus
Avast Antivirus