Bypassing Access Restrictions in Avast Antivirus TaskEx Library

Bypassing Access Restrictions in Avast Antivirus TaskEx Library

CVE-2020-10867 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled.

Learn more about our Web Application Penetration Testing UK.