CVE-2026-27748

Published: Mar 5, 2026

Modified: Apr 1, 2026

PUBLISHED

CVSS v3.1

7.8

HIGH

Description

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\\ProgramData without validating whether the path resolves through a symbolic link or reparse point. A local attacker can create a malicious link to redirect the delete operation to an arbitrary file, resulting in deletion of attacker-chosen files with SYSTEM privileges. This may lead to local privilege escalation, denial of service, or system integrity compromise depending on the targeted file and operating system configuration.

Vendor	Product	Versions
Gen Digital Inc.	Avira Internet Security	affected `0 - <= 1.1.109.1990` unaffected `1.1.114.3113`

Weaknesses (CWE)

CWE-59

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://support.avira.com/hc/en-us/articles/360010656158-Current-Avira-versions

release-notes

https://www.avira.com/en/internet-security

product

https://www.gendigital.com/us/en/contact-us/security-advisories/

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-27748

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References