CVE-2019-11396

HIGH

Avira Free Security Suite 10 - Privilege Escalation

Title source: llm

Description

An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by the product. Files can be created that can be used by an unprivileged user to obtain SYSTEM privileges. Arbitrary file creation can be achieved by abusing the SwuConfig.json file creation: an unprivileged user can replace these files by pseudo-symbolic links to arbitrary files. When an update occurs, a privileged service creates a file and sets its access rights, offering write access to the Everyone group in any directory.

References (3)

Core 3

Core References

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/153868/Avira-Free-Security-Suite-2019-Software-Updater-2.0.6.13175-Improper-Access-Control.html

Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc

https://seclists.org/fulldisclosure/2019/Aug/1

Various Sources x_refsource_misc

https://medium.com/sidechannel-br/vulnerabilidade-no-avira-security-suite-pode-levar-%C3%A0-escala%C3%A7%C3%A3o-de-privil%C3%A9gios-no-windows-71964236c077

Scores

CVSS v3 7.8

EPSS 0.0057

EPSS Percentile 42.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-59

Status published

Products (2)

avira/free_security_suite 2019

avira/software_updater < 2.0.6.13175

Published Aug 29, 2019

Tracked Since Feb 18, 2026