CVE-2024-13962

High CVSS: 7.8

Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Gen Digital Inc. Avast Cleanup Premium Version 24.2.16593.17810 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack.

Vendor

Product

CWE

CWE-59

Yayın Tarihi

2025-05-09 16:15:23

Güncelleme

2025-05-12 17:32:32

Source Identifier

security@nortonlifelock.com

KEV Date Added

Kategoriler

CWE-59 HIGH 2025

Referanslar

https://www.gendigital.com/us/en/contact-us/security-advisories/