Avast Antivirus Vulnerability Let Attackers Escalate Privileges

Security researchers have disclosed a critical vulnerability in Avast Free Antivirus that could allow attackers to gain elevated system privileges and execute malicious code with kernel-level access.

The vulnerability, tracked as CVE-2025-3500, received a high CVSS score of 8.8 and was publicly disclosed on April 24, 2025, after being patched by Avast.

The security flaw exists within the Avast Free Antivirus’s aswbidsdriver kernel driver and stems from improper validation of user-supplied data.

According to the Zero Day Initiative (ZDI), which published the advisory, this validation issue can result in an integer overflow before allocating a buffer. Once exploited, attackers can leverage this vulnerability to escalate privileges and execute arbitrary code with kernel-level permissions.

“This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus,” stated the ZDI advisory. “An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.”

The local nature of the exploit means that attackers would first need access to the targeted system, limiting the immediate threat. However, once a system is compromised, the consequences could be severe, as the attacker would gain complete control over the affected device.

Cybersecurity expert Baris Akkaya discovered and reported the vulnerability to Avast on April 2, 2025. The company responded swiftly, releasing a fix in version 25.3.9983.922, which users are strongly encouraged to install immediately.

The vulnerability affects multiple versions of Avast Free Antivirus, with the Cybersecurity Help database listing affected versions from 20.1.2397 through 2016.11.1.2262. Users running these versions should update their software as soon as possible to mitigate the risk.

This is not the first time Avast products have faced security issues. Over the past few years, vulnerabilities in various Avast software components, including issues with Avast Cleanup Premium and Avast Premium Security, have been documented.

Security experts recommend that users enable automatic updates for their antivirus software to ensure they receive critical security patches promptly. Additionally, following the principle of least privilege by using standard user accounts for day-to-day activities can help mitigate the impact of similar vulnerabilities.

Avast Free Antivirus is one of the most popular antivirus solutions globally, with hundreds of millions of installations, making this vulnerability particularly concerning for home users relying on the free software for their security needs.

Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.

The post Avast Antivirus Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.