Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-12680

Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable does not verify the calling program and thus a request such as fetchChromePasswords or fetchCredentials will succeed. NOTE: some third parties have stated that this is "not a vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
Products affected by CVE-2020-12680
  • Avira » Free Antivirus » Version: 15.0.1907.1514
    cpe:2.3:a:avira:free_antivirus:15.0.1907.1514
  • Avira » Free Antivirus » Version: 15.0.1909.1591
    cpe:2.3:a:avira:free_antivirus:15.0.1909.1591
  • Avira » Free Antivirus » Version: 15.0.1911.1648
    cpe:2.3:a:avira:free_antivirus:15.0.1911.1648
  • Avira » Free Antivirus » Version: 15.0.1911.1660
    cpe:2.3:a:avira:free_antivirus:15.0.1911.1660
  • Avira » Free Antivirus » Version: 15.0.1912.1683
    cpe:2.3:a:avira:free_antivirus:15.0.1912.1683
  • Avira » Free Antivirus » Version: 15.0.2002.1755
    cpe:2.3:a:avira:free_antivirus:15.0.2002.1755
  • Avira » Free Antivirus » Version: 15.0.2004.1825
    cpe:2.3:a:avira:free_antivirus:15.0.2004.1825
  • Avira » Free Antivirus » Version: 15.0.2005.1866
    cpe:2.3:a:avira:free_antivirus:15.0.2005.1866


Products
Pricing
Contact Us

Shodan ® - All rights reserved