ГлавнаяУязвимости → CVE-2025-71326
7.8высокая

CVE-2025-71326

Описание

AVAST Antivirus 25.11 contains an unquoted service path vulnerability in the SecureLine service that allows local non-privileged users to execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that execute with high-level system permissions.

CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.avast.com/https://www.exploit-db.com/exploits/52510https://www.vulncheck.com/advisories/avast-antivirus-unquoted-service-path-privilege-escalation