HomePentest-Tools.com Logo

Avast Internet Security DoubleAgent Attack Local Code Injection Vulnerability CVE-2017-5567

CVSSv3 Score
Vulnerability description

Avast Internet Security is prone to local code injection vulnerability.

Risk description

The flaw exists due to the product do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry. The self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for this product. This mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack. Successful exploitation will allow local attacker to execute arbitrary code in the context of the system running the affected application. This can also result in the attacker gaining complete control of the affected application.


Upgrade to Avast Internet Security version 17.0 or later.

Not available
Detectable with
Network Scanner
Scan engine
Exploitable with Sniper
CVE Published
Mar 21, 2017
Detection added at
Software Type
Not available
Not available
Not available