[TZO-19-2020] - AVIRA Generic AV Bypass (ISO Container) - CVE-2020-9320

Related Vulnerabilities: CVE-2020-9320  
________________________________________________________________________

                From the low-hanging-fruit-department
     AVIRA Generic Malformed Container bypass (ISO Container)
________________________________________________________________________

Release mode    : Coordinated disclosure / Vendor does not disclose
CVE             : CVE-2020-9320
Ref             : [TZO-19-2020] - AVIRA Generic AV Bypass (ISO Container)
Vendor          : AVIRA
Status          : PATCHED - Engine version 8.3.54.138.
CVE             : none provided,

Vulnerability Disclosure Policy: https://caravelahq.com/b/policy/20949

Affected Products
=================
AV Engine below 8.3.54.138

All Avira products :
- Avira Antivirus Server
- Avira Antivirus for Endpoint
- Avira Antivirus for Small Business
- Avira Exchange Security (Gateway)
- Avira Internet Security Suite for Windows
- Avira Prime
- Avira Free Security Suite for Windows
- Cross Platform Anti-malware SDK

Attention:

can reach out to me to retrieve the POC in order to test.

AVIRA OEM Partners:
- F-Secure
- Sophos
- Barracuda
- Alibaba Cloud Security
- Check Point
- CUJO AI
- TP-Link
- FujiSoft
- AWS
- Rohde and Schwarz
- Careerbuilder
- Huawei
- Dracoon
- Total Availability
- FixMeStick
- APPVISORY
- Tabidus
- Cyren

Source :
https://oem.avira.com/en/partnership/our-partners

I. Background
----------------------------

and online privacy—ranging from antivirus to VPN and cleanup technologies.

Avira has the Trust Seal or the
http://www.teletrust.de/itsmig/

II. Description
----------------------------

III. Impact
----------------------------
It bypasses Avira perimeter defenses and scheduled AV scans.

or Exfiltration/Pivot Server).

this advisory I provide a link to my 2009 blog post
http://blog.zoller.lu/2009/04/case-for-av-bypassesevasions.html

IV. Patch / Advisory
----------------------------
PATCHED - Engine version 8.3.54.138.

V. Disclosure timeline
----------------------------

How Avira handled these reports in 2009 :
https://blog.zoller.lu/2009/04/avira-antivir-generic-cab-bypass.html

28 NOV 2019
Submitted the Vulnerability Details

04 DEC 2019
AVIRA releases a patch but doesn't inform the public and/or customers.

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/