CVE-2008-1625

avast! Home and Professional 4.7 - Privilege Escalation

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1625.

AI-analyzed exploit summary: This exploit targets a privilege escalation vulnerability in avast! 4.7's aavmker4.sys driver. It leverages arbitrary memory writes and function pointer manipulation to execute a ring0 payload, ultimately spawning a bindshell on port 4444.

Description

aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOCTL 0xb2d60030, which allows local users to gain privileges via certain IOCTL requests.

Exploits (1)

exploitdb · WORKING POC
python · local · windows
https://www.exploit-db.com/exploits/12406

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Complex
Reliability: Reliable
Target: avast! 4.7 (aavmker4.sys)
No auth needed
Prerequisites: avast! 4.7 installed on Windows XP SP2/SP3 · DEP enabled
devstral-2 · analyzed Feb 19, 2026

References (8)

Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1034/references
Various Sources x_refsource_misc
http://www.trapkit.de/advisories/TKADV2008-002.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28502
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29605
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490321/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41527
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019732

Scores

EPSS 0.0071
EPSS Percentile 48.6%

Details

CWE: CWE-264
Status: published
Products (9)
avast/avast_antivirus_home 4.7.827
avast/avast_antivirus_home 4.7.844
avast/avast_antivirus_home 4.7.869
avast/avast_antivirus_home 4.7.1043
avast/avast_antivirus_home 4.7.1098
avast/avast_antivirus_professional 4.7.827
avast/avast_antivirus_professional 4.7.844
avast/avast_antivirus_professional 4.7.1043
avast/avast_antivirus_professional 4.7.1098
Published: Apr 02, 2008
Tracked Since: Feb 18, 2026