Vulnerability CVE-2016-4025

Vulnerability CVE-2016-4025

Published: 2016-11-03

Description:

Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.

See advisories in our WLB2 database:

	Topic	Author	Date
Med.	Avast SandBox Escape via IOCTL Requests	Kyriakos Economo...	21.04.2016

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
2.1/10	2.9/10	3.9/10

Exploit range	Attack complexity	Authentication
Local	Low	No required
Confidentiality impact	Integrity impact	Availability impact
None	Partial	None

Affected software
Avast -> Business security
Avast -> Email server security
Avast -> Endpoint protection
Avast -> Endpoint protection plus
Avast -> Endpoint protection suite
Avast -> Endpoint protection suite plus
Avast -> File server security
Avast -> Free antivirus
Avast -> Internet security
Avast -> Premier
Avast -> Pro antivirus

References:

https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/

Copyright 2024, cxsecurity.com