Sensitive User Credential Storage in Avast Free Antivirus Prior to 19.1.2360

Sensitive User Credential Storage in Avast Free Antivirus Prior to 19.1.2360

CVE-2018-12572 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.

Learn more about our User Device Pen Test.