CVE-2020-9320

** DISPUTED ** Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and Cross Platform Anti-malware SDK. NOTE: Vendor asserts that vulnerability does not exist in product.

CVSS v3 5.5 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html	Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2020/Feb/31	Mailing List Third Party Advisory
https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html	Third Party Advisory
https://www.zoller.lu/%5BTZO-01-2020%5D%20AVIRA%20Generic%20Bypass%20ISO.pdf

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:avira:anti-malware_sdk::::::::
	cpe:2.3:a:avira:antivirus_server::::::::
	cpe:2.3:a:avira:avira_antivirus_for_endpoint::::::::
	cpe:2.3:a:avira:avira_antivirus_for_small_business::::::::
	cpe:2.3:a:avira:avira_exchange_security::::::::
	cpe:2.3:a:avira:avira_free_security_suite::::::windows::*
	cpe:2.3:a:avira:avira_internet_security_suite::::::windows::*
	cpe:2.3:a:avira:avira_prime::::::::

History

No history.

Information

Published : 2020-02-20 22:15

Updated : 2024-08-04 11:15

NVD link : CVE-2020-9320

Mitre link : CVE-2020-9320

CVE.ORG link : CVE-2020-9320

JSON object : View

Products Affected

avira

avira_prime
avira_free_security_suite
anti-malware_sdk
antivirus_server
avira_internet_security_suite
avira_antivirus_for_endpoint
avira_exchange_security
avira_antivirus_for_small_business

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2020-9320", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2020-02-20T22:15:12.257", "references": [{"url": "http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2020/Feb/31", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.zoller.lu/%5BTZO-01-2020%5D%20AVIRA%20Generic%20Bypass%20ISO.pdf", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and Cross Platform Anti-malware SDK. NOTE: Vendor asserts that vulnerability does not exist in product"}, {"lang": "es", "value": "** EN DISPUTA ** Avira AV Engine versiones anteriores a 8.3.54.138, permite omitir la detecci\u00f3n de virus por medio de un archivo ISO dise\u00f1ado. Esto afecta a las versiones anteriores a 8.3.54.138 de Antivirus para Endpoint, Antivirus para Small Business, Exchange Security (Gateway), Internet Security Suite para Windows, Prime, Free Security Suite para Windows y Cross Platparam Anti-malware SDK. NOTA: El vendedor afirma que la vulnerabilidad no existe en el producto"}], "lastModified": "2024-08-04T11:15:42.430", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:avira:anti-malware_sdk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B72788C-6ACD-482D-87D3-C334D8A16439", "versionEndExcluding": "8.3.54.138"}, {"criteria": "cpe:2.3:a:avira:antivirus_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30F53D27-BB74-4081-ADCD-40E3BCF4CF61", "versionEndExcluding": "8.3.54.138"}, {"criteria": "cpe:2.3:a:avira:avira_antivirus_for_endpoint:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82507BF4-1F45-42B6-85A0-85F3F8D67C82", "versionEndExcluding": "8.3.54.138"}, {"criteria": "cpe:2.3:a:avira:avira_antivirus_for_small_business:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B79CE7D-B721-4020-B203-A41F8756E818", "versionEndExcluding": "8.3.54.138"}, {"criteria": "cpe:2.3:a:avira:avira_exchange_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F86DF45-AAF9-456A-8E99-7B79790BC859", "versionEndExcluding": "8.3.54.138"}, {"criteria": "cpe:2.3:a:avira:avira_free_security_suite:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "A136E43F-2878-49EC-9F72-97DD4F9DF509", "versionEndExcluding": "8.3.54.138"}, {"criteria": "cpe:2.3:a:avira:avira_internet_security_suite:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "1E2E63E2-1AC6-463A-B20E-C73B51F1C3EF", "versionEndExcluding": "8.3.54.138"}, {"criteria": "cpe:2.3:a:avira:avira_prime:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E837C1-A5D3-48CC-8E0E-AE4D99AD7CFA", "versionEndExcluding": "8.3.54.138"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}