Avira: Deserialize, Delete and Escalate - The Proper Way to Use an AV

Lucas Laise·Quarkslab·Security / OSINT·

Introduction Avira Internet Security ships with a handful of modules that quietly handle privileged operations in the background: software updates, performance monitoring and system cleanup. Each one runs parts of its workflow as SYSTEM. Three of them don't bother checking what they are actually operating on. This writeup covers three issues: an arbitrary file delete (CVE-2026-27748) in the Software Updater, an insecure deserialization (CVE-2026-27749) in System Speedup, and an arbitrary folder ...

Read full article →

Related Articles

Google Chrome silently installs a 4 GB AI model on your device without consent
john-doe · Hacker News · 3d ago
DNSSEC disruption affecting .de domains – Resolved
warpspin · Hacker News · 3d ago
US healthcare marketplaces shared citizenship and race data with ad tech giants
ZeidJ · Hacker News · 4d ago
Security through obscurity is not bad
mobeigi · Hacker News · 5d ago
The text mode lie: why modern TUIs are a nightmare for accessibility
SpyCoder77 · Hacker News · 5d ago