CVE-2022-4173
CVSS V2 None
CVSS V3 None
Description
A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avast and AVG Antivirus version 22.10.
Overview
- CVE ID
- CVE-2022-4173
- Assigner
- security@nortonlifelock.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-06T00:15:10.303
- Last Modified Date
- 2022-12-07T15:41:45.637
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:avast:avast:*:*:*:*:*:*:*:* | 1 | OR | 20.5 | 22.9 |
| cpe:2.3:a:avast:avg_antivirus:*:*:*:*:*:*:*:* | 1 | OR | 20.5 | 22.9 |
References
| Reference URL | Reference Tags |
|---|---|
| https://support.norton.com/sp/static/external/tools/security-advisories.html | Third Party Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-4173 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4173 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-12-07 18:06:40 | Added to TrackCVE |