TROYANOSYVIRUS
Voltar para CVEs

CVE-2026-27750

HIGH
7.8

Descricao

Avira Internet Security contains a time-of-check time-of-use (TOCTOU) vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target path. A local attacker can replace a previously scanned directory with a junction or reparse point before deletion occurs, causing the privileged process to delete an unintended system location. This may result in deletion of protected files or directories and can lead to local privilege escalation, denial of service, or system integrity compromise depending on the affected target.

Detalhes CVE

Pontuacao CVSS v3.17.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado3/5/2026
Ultima modificacao4/1/2026
Fontenvd
Avistamentos honeypot0

Produtos afetados

avira:internet_security

Fraquezas (CWE)

CWE-367

Referencias

https://support.avira.com/hc/en-us/articles/360010656158-Current-Avira-versions(security@nortonlifelock.com)
https://www.avira.com/en/internet-security(security@nortonlifelock.com)
https://www.gendigital.com/us/en/contact-us/security-advisories/(security@nortonlifelock.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.