Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.4% and no vendor patch available.
RCE
Management Console
NVD
CVSS 2.0
10.0
EPSS
12.4%