Fixed Intel

CVE-2026-27748

High
CVSS 7.8

Description

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\\ProgramData without validating whether the path resolves through a symbolic link or reparse point. A local attacker can create a malicious link to redirect the delete operation to an arbitrary file, resulting in deletion of attacker-chosen files with SYSTEM privileges. This may lead to local privilege escalation, denial of service, or system integrity compromise depending on the targeted file and operating system configuration.

CVSS Score

7.8/ 10
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness Classification (CWE)

CWE-59CWE-59MITRE

Related Articles (1)

Industry News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

Mar 9, 2026

References (4)

https://blog.quarkslab.com/avira-deserialize-delete-and-escalate-the-proper-way-to-use-an-av.htmldisclosure@vulncheck.comhttps://support.avira.com/hc/en-us/articles/360010656158-Current-Avira-versionsdisclosure@vulncheck.comhttps://www.avira.com/en/internet-securitydisclosure@vulncheck.comhttps://www.vulncheck.com/advisories/avira-internet-security-arbitrary-file-deletion-via-improper-link-resolutiondisclosure@vulncheck.com

Risk Assessment

STANDARD

No elevated risk factors detected.

Details

Severity
High
CVSS
7.8
CWE
CWE-59
CISA KEV
No
Articles
1

Timeline

Published

Mar 5, 2026

External Links

NVD (NIST)CVE DetailsMITRE CVE