Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.5
Avira Internet Security's System Speedup component allows arbitrary code execution
CVE-2026-27749
Summary
The System Speedup component in Avira Internet Security can run malicious code with administrator-level access if a hacker creates a specific file on the computer. This could allow an attacker to take control of your system. To protect yourself, update Avira Internet Security to the latest version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| avira | internet_security | <= 1.1.114.3113 | – |
Original title
Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM pri...
Original description
Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\\ProgramData using .NET BinaryFormatter without implementing input validation or deserialization safeguards. Because the file can be created or modified by a local user in default configurations, an attacker can supply a crafted serialized payload that is deserialized by the privileged process, resulting in arbitrary code execution as SYSTEM.
nvd CVSS3.1
7.8
nvd CVSS4.0
8.5
Vulnerability type
CWE-502
Deserialization of Untrusted Data
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026