Critical Vulnerability in Avast Free Antivirus Allows Kernel-Level Privilege Escalation
Security researchers have revealed a critical vulnerability in Avast Free Antivirus that could allow attackers to gain elevated system privileges and execute malicious code with kernel-level access. The vulnerability, tracked as CVE-2025-3500, received a high CVSS score of 8.8 and was made public on April 24, 2025, after Avast issued a patch. Technical Details of the Vulnerability The security flaw resides in the Avast Free Antivirus aswbidsdriver kernel driver and is caused by incorrect validation of user-supplied data. ...