What is CVE-2023-42125?

CVE-2023-42125 is a high-severity vulnerability in Avast Premium Security, classified under Use of Incorrectly-Resolved Name or Reference. CVSS score: 7.8/10. Published 2024-05-03.

How severe is CVE-2023-42125?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Avast Premium Security

CVE-2023-42125

Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtai…

EPSS: 0.001 (28.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Avast Premium Security — versions Avast Premium Security 22.12.6044 (build 22.12.7758.769)

Weakness classification (CWE)

CWE-706 — Use of Incorrectly-Resolved Name or Reference

References

ZDI-23-1475 (x_research-advisory)

Frequently asked questions

What is CVE-2023-42125?: CVE-2023-42125 is a high-severity vulnerability in Avast Premium Security, classified under Use of Incorrectly-Resolved Name or Reference. CVSS score: 7.8/10. Published 2024-05-03.
How severe is CVE-2023-42125?: High severity. CVSS v3 base score is 7.8 out of 10.