Insecure Permission in Avast Antivirus Sandbox Component Allows for Scan Manipulation and File Deletion

Insecure Permission in Avast Antivirus Sandbox Component Allows for Scan Manipulation and File Deletion

CVE-2021-45335 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files.

Learn more about our User Device Pen Test.