
Avira Internet Security: Privileged Deletion of System Directories

CVE-2026-27750
Summary

Avira's Optimizer component is vulnerable to a security issue that could allow an attacker to delete important system files or directories, potentially leading to system crashes, data loss, or even giving the attacker more control over the system. This is because a privileged process does not properly check the location of directories before deleting them. Users should update Avira Internet Security to the latest version to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| avira | internet_security | <= 1.1.114.3113 | – |
Original title
Avira Internet Security contains a time-of-check time-of-use (TOCTOU) vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a sc...
Original description
Avira Internet Security contains a time-of-check time-of-use (TOCTOU) vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target path. A local attacker can replace a previously scanned directory with a junction or reparse point before deletion occurs, causing the privileged process to delete an unintended system location. This may result in deletion of protected files or directories and can lead to local privilege escalation, denial of service, or system integrity compromise depending on the affected target.
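The revalidation the description says is missing, sketched as an added example; this is not Avira's code and does not come from the advisory. The names `scan`, `cleanup` and `ScanRecord` are hypothetical, and when run off Windows a symlink stands in for a junction.

```python
import os
import shutil
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class ScanRecord:
    """What the scan phase remembers: the path plus the directory's identity."""
    path: str
    dev: int
    ino: int


def is_link_like(st):
    # Windows reports junctions and other reparse points in st_file_attributes;
    # on POSIX that field is absent and S_ISLNK covers symlinks.
    attrs = getattr(st, "st_file_attributes", 0)
    return stat.S_ISLNK(st.st_mode) or bool(attrs & stat.FILE_ATTRIBUTE_REPARSE_POINT)


def scan(path):
    """Scan phase: accept only a real directory and record its identity."""
    st = os.lstat(path)  # lstat does not follow links
    if is_link_like(st) or not stat.S_ISDIR(st.st_mode):
        raise ValueError(f"not a plain directory: {path}")
    return ScanRecord(path, st.st_dev, st.st_ino)


def cleanup(record):
    """Cleanup phase: revalidate the target, then delete. Returns True if deleted."""
    try:
        st = os.lstat(record.path)
    except FileNotFoundError:
        return False
    if is_link_like(st) or not stat.S_ISDIR(st.st_mode):
        return False  # path became a link or reparse point after the scan
    if (st.st_dev, st.st_ino) != (record.dev, record.ino):
        return False  # a different directory now sits at the scanned path
    shutil.rmtree(record.path)
    return True
```

A short window still exists between the final check and the delete; opening the directory by handle and deleting through that handle closes it.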
NVD CVSS 3.1: 7.8
NVD CVSS 4.0: 8.5
Vulnerability type
CWE-367
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026