Search criteria
4 vulnerabilities found for Prime by Avira
CVE-2024-13759 (GCVE-0-2024-13759)
Vulnerability from cvelistv5 – Published: 2025-05-09 15:20 – Updated: 2025-05-09 19:07
VLAI?
Title
Local Privilege Escalation in Avira Prime 1.1.96.2 on Windows 10 x64
Summary
Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10 x64 allows local attackers to gain system-level privileges via arbitrary file deletion
Severity ?
7.8 (High)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
Credits
Anonymous working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13759",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T19:03:58.226453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T19:07:12.574Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"wind",
"64 bit"
],
"product": "Prime",
"vendor": "Avira",
"versions": [
{
"lessThanOrEqual": "1.1.96.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Anonymous working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10 x64\u0026nbsp; allows local attackers to gain system-level privileges via arbitrary file deletion"
}
],
"value": "Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10 x64\u00a0 allows local attackers to gain system-level privileges via arbitrary file deletion"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T15:20:02.750Z",
"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"shortName": "NLOK"
},
"references": [
{
"url": "https://www.gendigital.com/us/en/contact-us/security-advisories/)"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to the lastest version of Avira Prime"
}
],
"value": "Upgrade to the lastest version of Avira Prime"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Local Privilege Escalation in Avira Prime 1.1.96.2 on Windows 10 x64",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"assignerShortName": "NLOK",
"cveId": "CVE-2024-13759",
"datePublished": "2025-05-09T15:20:02.750Z",
"dateReserved": "2025-01-28T13:35:21.915Z",
"dateUpdated": "2025-05-09T19:07:12.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51636 (GCVE-0-2023-51636)
Vulnerability from cvelistv5 – Published: 2024-05-22 19:16 – Updated: 2024-08-02 22:40
VLAI?
Title
Avira Prime Link Following Local Privilege Escalation Vulnerability
Summary
Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Avira Spotlight Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21600.
Severity ?
7.8 (High)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:avira:prime:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prime",
"vendor": "avira",
"versions": [
{
"status": "affected",
"version": "1.1.94.4"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:10:38.775370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:20:19.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-469",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-469/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Prime",
"vendor": "Avira",
"versions": [
{
"status": "affected",
"version": "1.1.94.4"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.484-06:00",
"datePublic": "2024-05-17T18:23:37.158-05:00",
"descriptions": [
{
"lang": "en",
"value": "Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Avira Spotlight Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21600."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-22T19:16:48.396Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-469",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-469/"
}
],
"source": {
"lang": "en",
"value": "Filip Dragovic (@filip_dragovic)"
},
"title": "Avira Prime Link Following Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51636",
"datePublished": "2024-05-22T19:16:48.396Z",
"dateReserved": "2023-12-20T21:52:34.963Z",
"dateUpdated": "2024-08-02T22:40:34.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13759 (GCVE-0-2024-13759)
Vulnerability from nvd – Published: 2025-05-09 15:20 – Updated: 2025-05-09 19:07
VLAI?
Title
Local Privilege Escalation in Avira Prime 1.1.96.2 on Windows 10 x64
Summary
Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10 x64 allows local attackers to gain system-level privileges via arbitrary file deletion
Severity ?
7.8 (High)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
Credits
Anonymous working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13759",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T19:03:58.226453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T19:07:12.574Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"wind",
"64 bit"
],
"product": "Prime",
"vendor": "Avira",
"versions": [
{
"lessThanOrEqual": "1.1.96.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Anonymous working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10 x64\u0026nbsp; allows local attackers to gain system-level privileges via arbitrary file deletion"
}
],
"value": "Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10 x64\u00a0 allows local attackers to gain system-level privileges via arbitrary file deletion"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T15:20:02.750Z",
"orgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"shortName": "NLOK"
},
"references": [
{
"url": "https://www.gendigital.com/us/en/contact-us/security-advisories/)"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to the lastest version of Avira Prime"
}
],
"value": "Upgrade to the lastest version of Avira Prime"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Local Privilege Escalation in Avira Prime 1.1.96.2 on Windows 10 x64",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dbd8429d-f261-4b1e-94cc-ae3132817e2e",
"assignerShortName": "NLOK",
"cveId": "CVE-2024-13759",
"datePublished": "2025-05-09T15:20:02.750Z",
"dateReserved": "2025-01-28T13:35:21.915Z",
"dateUpdated": "2025-05-09T19:07:12.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51636 (GCVE-0-2023-51636)
Vulnerability from nvd – Published: 2024-05-22 19:16 – Updated: 2024-08-02 22:40
VLAI?
Title
Avira Prime Link Following Local Privilege Escalation Vulnerability
Summary
Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Avira Spotlight Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21600.
Severity ?
7.8 (High)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:avira:prime:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prime",
"vendor": "avira",
"versions": [
{
"status": "affected",
"version": "1.1.94.4"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:10:38.775370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:20:19.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-469",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-469/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Prime",
"vendor": "Avira",
"versions": [
{
"status": "affected",
"version": "1.1.94.4"
}
]
}
],
"dateAssigned": "2023-12-20T16:02:27.484-06:00",
"datePublic": "2024-05-17T18:23:37.158-05:00",
"descriptions": [
{
"lang": "en",
"value": "Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Avira Spotlight Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21600."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-22T19:16:48.396Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-469",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-469/"
}
],
"source": {
"lang": "en",
"value": "Filip Dragovic (@filip_dragovic)"
},
"title": "Avira Prime Link Following Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51636",
"datePublished": "2024-05-22T19:16:48.396Z",
"dateReserved": "2023-12-20T21:52:34.963Z",
"dateUpdated": "2024-08-02T22:40:34.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}