CVE-2024-6510

Summary

Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking.

Affected Software

VendorProductVersion RangeStatus
AVGInternet Security0 <= 24.0affected
AVGInternet Security24.1unaffected

Weaknesses

  • CWE-749: CWE-749 Exposed Dangerous Method or Function
  • CWE-427: CWE-427 Uncontrolled Search Path Element
  • CWE-732: CWE-732 Incorrect Permission Assignment for Critical Resource

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References