Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 17/10/2022 Updated: 08/08/2023

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556.

Vulnerable Product	Search on Vulmon	Subscribe to Product
avira avira security

CVE-2022-3368 PoC for arbitrary file move vulnerability in Software Update component of Avira Security Users have option to use this feature to update any outdated software on their PC ,when this feature is used Avira Security service will drop downloaded files in c:\ProgramData\Avira\Security\Temp First file that is created in subdirectory is in format <random 4 numbe

NVD-CWE-noinfo https://support.norton.com/sp/static/external/tools/security-advisories.html https://nvd.nist.gov https://github.com/Wh04m1001/CVE-2022-3368

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-3368

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect