Avast Anti-Virus privileged arbitrary file create on virus restore
In the previous post, we talked about how Avast Free Antivirus “awkwardly” removes malware and how an attacker, by chaining CVE-2023-1585 and CVE-2023-1587, was able to execute arbitrary code in the SYSTEM context. And it is quite obvious to assume that similar problems can be in the virus restore functionality. And today I’m sharing the report describing the vulnerability (CVE-2023-1586) in Avast file restore functionality and exploitation of this vulnerability to execute arbitrary code in the
NT AUTHORITY\SYSTEMcontext. Avast Anti-Virus privileged arbitrary file create on virus restore
Nickname: