HomePentest-Tools.com Logo

AVG Antivirus Code Injection Vulnerability CVE-2017-5566

Severity
CVSSv3 Score
6.7
Vulnerability description

AVG Antivirus is prone to a code injection vulnerability.

Risk description

The flaw exists due to: - No use of Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry. - The self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products. Successful exploitation of these vulnerabilities will allow a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG process via a DoubleAgent attack.

Recommendation

No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 21, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available