Jump to content
Sign in to follow this  
ChainScriptz_Bot

Avast AntiTrack Vulnerability Exposed Users to MiTM Attacks

Recommended Posts

Serious security vulnerabilities have been discovered in Avast’s Antitrack and AVG Antitrack tools. Exploiting the flaws could expose users to MiTM attacks whilst downgrading browsers’ security. Avast AntiTrack Certificate Vulnerability Reportedly, researcher David Eade found numerous security vulnerabilities in the Avast Antitrack tool. One of these is a vulnerability in certificate validation feature that could have allowed man-in-the-middle (MiTM) attacks. Elaborating his findings in a post, the researcher stated, Avast Antitrack does not check the validity of certificates presented by the end web server. This makes it trivial for a man-in-the-middle to serve a fake site using a self-signed certificate. An attacker could not only intercept the victim’s traffic but could also hijack live sessions by cloning cookies, thus bypassing two-factor authentication as well. Exploiting this bug required no user interaction, hence becoming entirely possible for a remote attacker. The researcher also noticed two other issues with the same tool. At first, it downgraded the browser’s security protocol to TLS 1.0. Then, the chosen cipher suites by the tool did not support Forward Secrecy. Patches Rolled Out The researcher found the said issues in the Avast Antitrack tool. However, since it shares codes with AVG Antitrack as well, the same vulnerabilities also applied to the latter. Specifically, the bugs affected all Avast Antitrack versions prior to 1.5.1.172, and AVG Antitrack versions below 2.0.0.178. Upon discovering the flaws in August 2019, the researcher contacted Avast to report the matter. After continued communication in the following months, the vendors eventually patched the flaws. At first, they released Avast Antitrack 1.5.1.172, and then AVG Antitrack 2.0.0.178 containing the patches. Avast has confirmed the existence and subsequent patching of the vulnerabilities whilst acknowledging the researcher in a separate advisory. As stated,

Share this post


Link to post
Share on other sites
 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

Copywrite © 2020 ChainScriptz

×
  • Create New...