CVE-2020-20118 : Security Advisory and Response

A Buffer Overflow vulnerability in Avast AntiVirus before version 19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver.

Understanding CVE-2020-20118

This CVE identifies a specific vulnerability in Avast AntiVirus that can be exploited by a local attacker to disrupt the service.

What is CVE-2020-20118?

The CVE-2020-20118 is a Buffer Overflow vulnerability found in Avast AntiVirus before version 19.7. It enables a local attacker to trigger a denial of service by sending a specially crafted request to the aswSnx.sys driver.

The Impact of CVE-2020-20118

This vulnerability can lead to a denial of service, potentially causing system instability or crashes, and may allow attackers to execute arbitrary code on the affected system.

Technical Details of CVE-2020-20118

Vulnerability Description

The vulnerability arises due to improper handling of requests in the aswSnx.sys driver, leading to a buffer overflow condition.

Affected Systems and Versions

Vendor: n/a
Product: n/a
Versions: All versions before 19.7 are affected

Exploitation Mechanism

The vulnerability can be exploited by a local attacker sending a specifically crafted request to the vulnerable driver, triggering a buffer overflow and causing a denial of service.

Mitigation and Prevention

Immediate Steps to Take

Update Avast AntiVirus to version 19.7 or later to mitigate the vulnerability
Monitor system logs for any unusual activities that might indicate exploitation

Long-Term Security Practices

Regularly update all software and drivers to the latest versions
Implement strong access controls and user permissions to limit potential attack surfaces

Patching and Updates

Apply security patches and updates provided by Avast promptly to address known vulnerabilities