QwikSec

Security Database

CVE

CWE

Training

CVE-2020-9320

Published: Feb 20, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and Cross Platform Anti-malware SDK. NOTE: Vendor asserts that vulnerability does not exist in product

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html

x_refsource_MISC

https://www.zoller.lu/%5BTZO-01-2020%5D%20AVIRA%20Generic%20Bypass%20ISO.pdf

x_refsource_MISC

http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html

x_refsource_MISC

20200227 [TZO-19-2020] - AVIRA Generic AV Bypass (ISO Container) - CVE-2020-9320

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.