Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-4025

Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.

Published

2016-11-03T10:59:02.557

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 5.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

3.9

Impact Score

2.9

Weaknesses

Type: Primary
CWE-254

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	avast	business_security	11.1.2241	Yes
Application	avast	business_security	11.1.2245	Yes
Application	avast	business_security	11.1.2253	Yes
Application	avast	business_security	11.1.2260	Yes
Application	avast	business_security	11.1.2261	Yes
Application	avast	business_security	11.1.2262	Yes
Application	avast	free_antivirus	11.1.2241	Yes
Application	avast	free_antivirus	11.1.2245	Yes
Application	avast	free_antivirus	11.1.2253	Yes
Application	avast	free_antivirus	11.1.2260	Yes
Application	avast	free_antivirus	11.1.2261	Yes
Application	avast	free_antivirus	11.1.2262	Yes
Application	avast	internet_security	11.1.2241	Yes
Application	avast	internet_security	11.1.2245	Yes
Application	avast	internet_security	11.1.2253	Yes
Application	avast	internet_security	11.1.2260	Yes
Application	avast	internet_security	11.1.2261	Yes
Application	avast	internet_security	11.1.2262	Yes
Application	avast	premier	11.1.2241	Yes
Application	avast	premier	11.1.2245	Yes
Application	avast	premier	11.1.2253	Yes
Application	avast	premier	11.1.2260	Yes
Application	avast	premier	11.1.2261	Yes
Application	avast	premier	11.1.2262	Yes
Application	avast	pro_antivirus	11.1.2241	Yes
Application	avast	pro_antivirus	11.1.2245	Yes
Application	avast	pro_antivirus	11.1.2253	Yes
Application	avast	pro_antivirus	11.1.2260	Yes
Application	avast	pro_antivirus	11.1.2261	Yes
Application	avast	pro_antivirus	11.1.2262	Yes
Application	avast	email_server_security	≤ 8.0.1609	Yes
Application	avast	email_server_security	8.0.1606	Yes
Application	avast	endpoint_protection	≤ 8.0.1609	Yes
Application	avast	endpoint_protection	8.0.1606	Yes
Application	avast	endpoint_protection_plus	8.0.1606	Yes
Application	avast	endpoint_protection_plus	8.0.1609	Yes
Application	avast	endpoint_protection_suite	≤ 8.0.1609	Yes
Application	avast	endpoint_protection_suite	8.0.1606	Yes
Application	avast	endpoint_protection_suite_plus	≤ 8.0.1609	Yes
Application	avast	endpoint_protection_suite_plus	8.0.1606	Yes
Application	avast	file_server_security	≤ 8.0.1609	Yes
Application	avast	file_server_security	8.0.1606	Yes

References

https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/ Technical Description, Third Party Advisory ([email protected])
https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/ Technical Description, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)