Security researchers have identified a high-severity vulnerability in Avast Free Antivirus that could allow a local attacker to escalate privileges and execute malicious code at the kernel level.
Details of the Vulnerability
The vulnerability, tracked as CVE-2025-3500, carries a high Common Vulnerability Scoring System (CVSS) score of 8.8. It was publicly disclosed on April 24, 2025, shortly after Avast shipped a patch for the issue.
The flaw resides in the aswbidsdriver kernel driver shipped with Avast Free Antivirus and stems from insufficient validation of user-supplied data. According to the Zero Day Initiative (ZDI), which published the advisory, the missing check allows an integer overflow to occur before a buffer is allocated; in this class of bug the wrapped value typically yields an undersized allocation that is then overrun by the data written into it. Successful exploitation lets an attacker escalate privileges and execute arbitrary code in kernel context.
As highlighted in the ZDI advisory, “This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus.” It is important to note that an attacker must first gain the ability to execute low-privileged code on the target system to exploit this vulnerability.
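The advisory describes the bug only at the level of "integer overflow prior to buffer allocation", so the following is an added illustration of that bug class in C, not Avast's code and not the real aswbidsdriver request format. The request structure, field names, the 1 MiB cap, and the sample values are all constructed for this example. It shows the vulnerable size computation beside a hardened check that rejects the request before anything is allocated.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed request header standing in for what a low-privileged user-mode
 * client hands to a kernel driver through an IOCTL. Field names are invented
 * for this illustration; they are not the real aswbidsdriver request layout. */
struct req_hdr {
    uint32_t count;     /* number of records, attacker-controlled */
    uint32_t rec_size;  /* size of each record, attacker-controlled */
};

/* VULNERABLE: the allocation size is a 32-bit product of two 32-bit values,
 * so count * rec_size can wrap to a small number before it reaches the
 * allocator. Returns the (possibly wrapped) size the code would allocate. */
uint32_t vuln_alloc_size(const struct req_hdr *h)
{
    return h->count * h->rec_size;  /* unsigned wraparound, no diagnostic */
}

/* Bytes the copy loop that follows would really write: it trusts `count`,
 * not the wrapped allocation size, so it is computed here without wrap. */
uint64_t bytes_actually_copied(const struct req_hdr *h)
{
    return (uint64_t)h->count * (uint64_t)h->rec_size;
}

/* True when the vulnerable path would write past its own allocation,
 * i.e. a kernel pool overflow. No memory is touched here; the numbers
 * alone show the mismatch. */
bool vuln_overruns(const struct req_hdr *h)
{
    return bytes_actually_copied(h) > vuln_alloc_size(h);
}

/* HARDENED: validate before allocating. The division check rejects any
 * count whose product would exceed max_bytes, which also rules out
 * overflow because max_bytes fits in size_t. Zero sizes are rejected too,
 * since a zero-byte buffer followed by a copy is just another overflow. */
bool safe_alloc_size(const struct req_hdr *h, size_t max_bytes, size_t *out)
{
    if (h->count == 0 || h->rec_size == 0)
        return false;
    if (h->count > max_bytes / h->rec_size)
        return false;                      /* would overflow or exceed cap */
    *out = (size_t)h->count * (size_t)h->rec_size;
    return true;
}

/* Hardened handler: allocates only after the check passes and copies
 * exactly the validated number of bytes from the (constructed) user buffer.
 * Returns the number of bytes copied, or 0 if the request was rejected. */
size_t safe_handle(const struct req_hdr *h, const uint8_t *user_buf, size_t user_len)
{
    size_t need;
    if (!safe_alloc_size(h, 1u << 20, &need) || need > user_len)
        return 0;                          /* reject oversized or short input */
    uint8_t *pool = malloc(need);
    if (!pool)
        return 0;
    memcpy(pool, user_buf, need);          /* bounded by the validated size */
    free(pool);
    return need;
}

int main(void)
{
    /* Constructed malicious request: 0x40000001 * 4 = 0x100000004, which
     * wraps to 4 in 32 bits while the copy would still write about 4 GiB. */
    struct req_hdr evil = { 0x40000001u, 4u };
    printf("vulnerable path allocates %u bytes, copies %llu: overrun=%d\n",
           vuln_alloc_size(&evil),
           (unsigned long long)bytes_actually_copied(&evil),
           vuln_overruns(&evil));

    size_t n = 0;
    printf("hardened path accepts request: %d\n",
           safe_alloc_size(&evil, 1u << 20, &n));

    uint8_t sample[1024] = {0};            /* constructed benign payload */
    struct req_hdr ok = { 16u, 64u };
    printf("benign request copied %zu bytes\n",
           safe_handle(&ok, sample, sizeof sample));
    return 0;
}
```

The important design point is that the check happens on the untrusted inputs before the multiplication is ever used as an allocation size; checking the product afterwards is too late, because the wrap has already happened. The `max_bytes` cap is not only an overflow guard but also a sanity bound, which is what a driver should enforce on any length a user-mode caller supplies.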
Impact and Recommendations
Because the exploit is local, an attacker first needs a foothold on the target, which limits the immediate threat. Once that foothold exists, however, the consequences are severe: kernel-level code execution gives the attacker complete control of the affected device.
Security researcher Baris Akkaya discovered the vulnerability and reported it to Avast on April 2, 2025. Avast released a fix in version 25.3.9983.922, and users are strongly urged to install this update without delay.
The vulnerability affects multiple versions of Avast Free Antivirus; the Cybersecurity Help database lists affected versions from 20.1.2397 to 2016.11.1.2262. Users running any of these versions should confirm their installed build and update to 25.3.9983.922 or later to reduce exposure.
This incident is not an isolated one, as Avast products have encountered security challenges in the past. Over recent years, vulnerabilities in various Avast software components, including Avast Cleanup Premium and Avast Premium Security, have been documented.
Best Practices for Users
Security experts recommend enabling automatic updates for antivirus software so that critical security patches arrive without manual intervention. Running everyday activities from a standard user account, in line with the principle of least privilege, reduces the damage from many vulnerabilities, though it should be noted that this particular flaw is exploitable from exactly such a low-privileged context, so applying the patch remains the only effective fix.
Avast Free Antivirus remains one of the most widely used antivirus products worldwide, with hundreds of millions of installations, which makes this vulnerability particularly concerning for home users who rely on the free software to protect their systems.