CVE-2025-71326

HIGH

AVAST Antivirus 25.11 Unquoted Service Path Privilege Escalation

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-71326. PoCs published by Milad Karimi (Ex3ptionaL).

AI-analyzed exploit summary This is a technical writeup describing an unquoted service path vulnerability in Avast Antivirus 25.11. The vulnerability allows local privilege escalation (LPE) by exploiting the unquoted path in the SecureLine service, enabling execution of arbitrary code with SYSTEM privileges.

Description

AVAST Antivirus 25.11 contains an unquoted service path vulnerability in the SecureLine service that allows local non-privileged users to execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that execute with high-level system permissions.

Exploits (1)

exploitdb WRITEUP
by Milad Karimi (Ex3ptionaL) · textlocalwindows
https://www.exploit-db.com/exploits/52510

This is a technical writeup describing an unquoted service path vulnerability in Avast Antivirus 25.11. The vulnerability allows local privilege escalation (LPE) by exploiting the unquoted path in the SecureLine service, enabling execution of arbitrary code with SYSTEM privileges.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Avast Antivirus 25.11
Auth required
Prerequisites: local access to the system · ability to write to the root of C:\
devstral-2 · analyzed Jun 19, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit exploit
ExploitDB-52510
https://www.exploit-db.com/exploits/52510
Product product
Official Product Homepage
https://www.avast.com/
Third Party Advisory third-party-advisory
VulnCheck Advisory: AVAST Antivirus 25.11 Unquoted Service Path Privilege Escalation
https://www.vulncheck.com/advisories/avast-antivirus-unquoted-service-path-privilege-escalation

Scores

CVSS v3 7.8
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-428
Status published
Products (1)
Avast/AVAST Antivirus 25.11
Published Jun 19, 2026
Tracked Since Jun 19, 2026