Description
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a reboot via RPC from a Low Integrity process.
References (3)
Core 3
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://forum.avast.com/index.php?topic=232420.0
Release Notes, Vendor Advisory x_refsource_misc
https://forum.avast.com/index.php?topic=232423.0
Exploit, Third Party Advisory x_refsource_misc
https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md
Scores
CVSS v3
6.5
EPSS
0.0046
EPSS Percentile
64.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
Status
published
Products (1)
avast/antivirus
< 20.0
Published
Apr 01, 2020
Tracked Since
Feb 18, 2026