Vulnerability in Avast Free_antivirus
CVE-2018-12572
Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.
EPSS: 0.003 (23.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Avast Free_antivirus
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (Exploit, VDB Entry, Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2018-12572?
- CVE-2018-12572 is a high-severity vulnerability in Avast Free_antivirus, classified under Cleartext Storage of Sensitive Information. CVSS score: 7.8/10. Published 2019-03-21.
- How severe is CVE-2018-12572?
- High severity. CVSS v3 base score is 7.8 out of 10.