CVE-2026-27749

Published: Mar 5, 2026

Modified: Apr 1, 2026

PUBLISHED

CVSS v3.1

7.8

HIGH

Description

Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\\ProgramData using .NET BinaryFormatter without implementing input validation or deserialization safeguards. Because the file can be created or modified by a local user in default configurations, an attacker can supply a crafted serialized payload that is deserialized by the privileged process, resulting in arbitrary code execution as SYSTEM.

Vendor	Product	Versions
Gen Digital Inc.	Avira Internet Security	affected `0 - <= 1.1.109.1990` unaffected `1.1.114.3113`

Weaknesses (CWE)

CWE-502

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://support.avira.com/hc/en-us/articles/360010656158-Current-Avira-versions

release-notes

https://www.avira.com/en/internet-security

product

https://www.gendigital.com/us/en/contact-us/security-advisories/

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-27749

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References