Impact
A heap buffer out‑of‑bounds read occurs in Avast Antivirus when scanning a malformed Windows Portable Executable file that contains .NET metadata. The bug allows a local attacker to trigger memory corruption that can lead to execution of arbitrary code or cause a denial‑of‑service by crashing the antivirus process. The weakness is identified as CWE‑125 and is rated as a high‑severity flaw with a CVSS score of 7.8.
Affected Systems
The vulnerability affects Gen Digital’s AVG Antivirus, Avast Antivirus, Avast Business Antivirus, Avast One, and Norton Antivirus on Windows, macOS, and Linux platforms. Any installation using a virus‑definition stream build before VPS 25021310 is susceptible. Products that consume the shared Gen Digital engine and update through the same definition channel are impacted until they receive a build at or above the specified update.
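A fleet check against the build threshold above, as an added example that is not part of the advisory or of any vendor tooling: it classifies a constructed inventory export against VPS 25021310. The CSV columns, the host names, and the reading of the VPS number as YYMMDD plus a two-digit build (with a dashed `250213-10` spelling also accepted) are assumptions.

```python
import csv
import io
import re

# Fixed build from the advisory (VPS 25021310), split on the ASSUMPTION that
# the number is YYMMDD followed by a two-digit build counter.
FIXED_VPS = (250213, 10)

# Accepts "25021310", "VPS 25021310" and the assumed dashed form "250213-10".
_VPS_RE = re.compile(r"(?:VPS\s*)?(\d{6})(?:-(\d{1,2})|(\d{2}))", re.IGNORECASE)

# Constructed sample inventory; hosts, columns and versions are invented.
SAMPLE_INVENTORY = """host,product,vps
ws-01,Avast Antivirus,25021310
ws-02,AVG Antivirus,25021309
srv-03,Avast Business Antivirus,250212-4
mac-04,Avast One,250301-2
lnx-05,Norton Antivirus,
ws-06,Avast Antivirus,VPS 24123100
"""

def parse_vps(text):
    """Return (yymmdd, build) or None when the value is missing or malformed."""
    m = _VPS_RE.fullmatch((text or "").strip())
    if not m:
        return None
    date, build = int(m.group(1)), int(m.group(2) or m.group(3))
    month, day = date // 100 % 100, date % 100
    if not (1 <= month <= 12 and 1 <= day <= 31):
        return None  # not a plausible date, so do not trust the comparison
    return date, build

def classify(vps_text):
    """'fixed' at or above the advisory build, 'vulnerable' below, else 'unknown'."""
    parsed = parse_vps(vps_text)
    if parsed is None:
        return "unknown"  # treat as unpatched until the real build is confirmed
    return "fixed" if parsed >= FIXED_VPS else "vulnerable"

def triage(csv_text):
    """Map each host in the inventory CSV to its classification."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {row["host"]: classify(row.get("vps")) for row in rows}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` have no usable build number in the export and should be followed up rather than counted as patched.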
Risk and Exploitability
The flaw is exploitable only when the affected antivirus application processes a crafted PE file, so the attack vector is local. Because the vulnerability requires that the malicious file be scanned by the user’s antivirus, immediate exploitation is limited to environments where an attacker can supply or influence file access. The CVSS score of 7.8 reflects the potential for local code execution, while the absence of an EPSS score suggests that no widespread, actively used exploits have been reported publicly at the time of analysis.