cvelist/2021/27xxx/CVE-2021-27241.json

{
  "CVE_data_meta": {
    "ASSIGNER": "zdi-disclosures@trendmicro.com",
    "ID": "CVE-2021-27241",
    "STATE": "PUBLIC"
  },
  "affects": {
    "vendor": {
      "vendor_data": [
        {
          "product": {
            "product_data": [
              {
                "product_name": "Premium Security",
                "version": {
                  "version_data": [
                    {
                      "version_value": "20.8.2429 (Build 20.8.5653.561)"
                    }
                  ]
                }
              }
            ]
          },
          "vendor_name": "Avast"
        }
      ]
    }
  },
  "credit": "Abdelhamid Naceri",
  "data_format": "MITRE",
  "data_type": "CVE",
  "data_version": "4.0",
  "description": {
    "description_data": [
      {
        "lang": "eng",
        "value": "This vulnerability allows local attackers to delete arbitrary directories on affected installations of Avast Premium Security 20.8.2429 (Build 20.8.5653.561). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the AvastSvc.exe module. By creating a directory junction, an attacker can abuse the service to delete a directory. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12082."
      }
    ]
  },
  "problemtype": {
    "problemtype_data": [
      {
        "description": [
          {
            "lang": "eng",
            "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')"
          }
        ]
      }
    ]
  },
  "references": {
    "reference_data": [
      {
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-208/"
      }
    ]
  },
  "impact": {
    "cvss": {
      "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
      "version": "3.0"
    }
  }
}