EIP-2026-118294

PRE-CVE

Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (1)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118294. PoCs published by D.Elser.

AI-analyzed exploit summary This exploit targets a vulnerability in Avira AntiVir Personal by interacting with the 'avgntdd' driver via DeviceIoControl. It attempts to trigger a code execution vulnerability by sending a crafted IOCTL request (0x0CABA020C) to the driver, potentially leading to privilege escalation or denial-of-service.

Description

Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (1)

Exploits (1)

exploitdb WORKING POC VERIFIED

by D.Elser · cremotewindows

https://www.exploit-db.com/exploits/35225

View Code ZIP pw:eip

This exploit targets a vulnerability in Avira AntiVir Personal by interacting with the 'avgntdd' driver via DeviceIoControl. It attempts to trigger a code execution vulnerability by sending a crafted IOCTL request (0x0CABA020C) to the driver, potentially leading to privilege escalation or denial-of-service.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Theoretical

Target: Avira AntiVir Personal (unsupported versions)

No auth needed

Prerequisites: Access to the target system · Avira AntiVir Personal installed (unsupported version)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026