CVE-2024-5803

Name of the Vulnerable Software and Affected Versions: AVG/Avast Antivirus versions prior to 24.1

Description: The issue allows a local attacker to escalate privileges via a COM hijack in a time-of-check to time-of-use (TOCTOU) scenario when self-protection is disabled. This occurs in the AVGUI.exe component of AVG/Avast Antivirus.

Recommendations: For versions prior to 24.1, update to version 24.1 or later to resolve the issue. As a temporary workaround, consider enabling self-protection to minimize the risk of exploitation.