Skip to main content

Avg Antivirus CVE-2020-13657

MEDIUM
2020-06-29 cve@mitre.org
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Jun 29, 2020 - 18:15 nvd
MEDIUM 5.5

DescriptionNVD

An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.

AnalysisAI

An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files. Affected products include: Avast Avg Antivirus, Avast Free Antivirus. Version information: before 20.4.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2022-4173 HIGH
8.8 Dec 06

A vulnerability within the malware removal functionality of Avast and AVG Antivirus allowed an attacker with write acces

CVE-2025-7011 HIGH
7.8 Jun 12

Local code execution and denial-of-service in Gen Digital antivirus engines (Avast, AVG, Norton, Avast One, Avast Busine

CVE-2025-7009 HIGH
7.8 Jun 12

Local code execution or antivirus-process denial-of-service in Gen Digital's shared scanning engine (Avast Antivirus, AV

CVE-2025-7008 HIGH
7.8 Jun 12

Out-of-bounds heap read in the Gen Digital antivirus scanning engine (Avast, AVG, Norton, Avast One, Avast Business) all

CVE-2025-7004 HIGH
7.8 Jun 12

Heap out-of-bounds write in Gen Digital's shared antivirus scanning engine allows local code execution or denial of serv

CVE-2023-5760 HIGH
7.0 Nov 08

A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests. Rated high severity (C

CVE-2025-7019 MEDIUM
5.5 Jun 12

Stack overflow in Gen Digital's shared antivirus scanning engine crashes the AV process when it parses a malformed Offic

CVE-2025-7010 MEDIUM
5.5 Jun 12

Stack overflow via uncontrolled recursion crashes the antivirus scanning process across all Gen Digital consumer and bus

CVE-2025-7006 MEDIUM
5.5 Jun 12

Stack use-after-free in the Gen Digital shared antivirus scanning engine crashes the antivirus process when it parses a

CVE-2025-7005 MEDIUM
5.5 Jun 12

Uncontrolled recursion in the Gen Digital shared scanning engine crashes the antivirus process when it encounters a spec

CVE-2012-6335 LOW
3.3 Dec 31

The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location

Share

CVE-2020-13657 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy