Strix
26.1K

CVE-2019-11396

UnknownEPSS 0.57%

Last modified

CVE-2019-11396 is a vulnerability of currently unknown severity. An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by the product. EPSS estimates a 0.57% chance of exploitation in the next 30 days.

Description

An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by the product. Files can be created that can be used by an unprivileged user to obtain SYSTEM privileges. Arbitrary file creation can be achieved by abusing the SwuConfig.json file creation: an unprivileged user can replace these files by pseudo-symbolic links to arbitrary files. When an update occurs, a privileged service creates a file and sets its access rights, offering write access to the Everyone group in any directory.

Metrics

EPSS Probability
0.57%

42.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AviraFree Security Suite2019
AviraSoftware Updater<= 2.0.6.13175

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-11396?
An issue was discovered in Avira Free Security Suite 10. The permissive access rights on the SoftwareUpdater folder (files / folders and configuration) are incompatible with the privileged file manipulation performed by the product. Files can be created that can be used by an unprivileged user to obtain SYSTEM privileges. Arbitrary file creation can be achieved by abusing the SwuConfig.json file creation: an unprivileged user can replace these files by pseudo-symbolic links to arbitrary files. When an update occurs, a privileged service creates a file and sets its access rights, offering write access to the Everyone group in any directory.
How severe is CVE-2019-11396?
Severity scoring for CVE-2019-11396 is pending analysis. The EPSS model estimates a 0.57% probability of exploitation in the next 30 days.
How do I fix CVE-2019-11396?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-11396?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST