anonhaven
Ad

CVE-2026-27749

HIGH CVSS 4.0: 8.5 EPSS 0.04%
Updated Mar 05, 2026
Payload
Parameter Value
CVSS 8.5 (HIGH)
Type CWE-502 (Deserialization of Untrusted Data (Десериализация недоверенных данных))
Vendor Payload
Public PoC No

Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\\ProgramData using .NET BinaryFormatter without implementing input validation or deserialization safeguards. Because the file can be created or modified by a local user in default configurations, an attacker can supply a crafted serialized payload that is deserialized by the privileged process, resulting in arbitrary code execution as SYSTEM.

Attack Parameters

Attack Vector
Local
Нужен локальный доступ
Attack Complexity
Low
Легко эксплуатировать
Attack Requirements
None
Нет дополнительных условий
Privileges Required
Low
Нужны базовые права
User Interaction
None
Не нужно действие пользователя

Impact Assessment

Confidentiality
High
Полная утечка данных
Integrity
High
Полная модификация данных
Availability
High
Полный отказ в обслуживании

CVSS Vector v4.0

Weakness Type (CWE)

CWE-502 Deserialization of Untrusted Data (Десериализация недоверенных данных)

References 4

https://blog.quarkslab.com/avira-deserialize-delete-and-escalate-the-proper-way…
disclosure@vulncheck.com
https://support.avira.com/hc/en-us/articles/360010656158-Current-Avira-versions
disclosure@vulncheck.com
https://www.avira.com/en/internet-security
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/avira-internet-security-system-speedup-ins…
disclosure@vulncheck.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-29068

Payload

8.7

CVE-2025-55289

Payload

8.8

CVE-2026-28772

Payload

5.1

CVE-2023-31044

Payload

2.0

CVE-2025-65465

Payload

6.1