PT-2026-5575 · Avast · Avast Secureline
Roberto Piña
·
Published
2020-03-24
·
Updated
2026-02-01
·
CVE-2020-37037
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Avast SecureLine version 5.5.522.0
Description
The software contains an unquoted service path issue that may allow local users to execute code with elevated system privileges. An attacker can exploit the unquoted path within the service configuration to inject malicious code. This code would then execute with LocalSystem account permissions when the service starts.
Recommendations
Apply updates to address the unquoted service path issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Avast Secureline