Avast Antivirus Heap-Based Buffer Overflow Vulnerability on macOS Allowing Local Code Execution or Denial-of-Service

Vulnerability

A heap-based buffer overflow and out-of-bounds read vulnerability has been identified in Avast Antivirus for macOS. The issue is triggered when the antivirus scans a malformed file, and can lead to local code execution or a denial-of-service condition in the antivirus engine process. The vulnerability affects Avast Antivirus versions from 8.3.70.94 up to, but not including, 8.3.70.98.

Impact

Exploitation of this vulnerability could result in a heap-based buffer overflow, allowing for local code execution or causing a denial-of-service condition in the antivirus engine process.

Added: Dec 1, 2025, 4:18 PM
Updated: Dec 1, 2025, 4:18 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 2.5
exploitability: 3.3
remediation: 0.0
relevance: 1.2
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.