
Avira Internet Security Software Updater deletes files without checking links

CVE-2026-27748
Summary

The Software Updater in Avira Internet Security can be made to delete arbitrary files on a Windows system, letting a local attacker remove files they should not have access to. Depending on the file targeted, this could lead to denial of service, system integrity compromise, or local privilege escalation. To protect your system, update Avira Internet Security and make sure not to click on suspicious links or create symbolic links to sensitive files.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| avira | internet_security | <= 1.1.114.3113 | – |
Original title
Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under ...
Original description
Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point. A local attacker can create a malicious link to redirect the delete operation to an arbitrary file, resulting in deletion of attacker-chosen files with SYSTEM privileges. This may lead to local privilege escalation, denial of service, or system integrity compromise depending on the targeted file and operating system configuration.
nvd CVSS3.1 7.8
nvd CVSS4.0 8.5
Vulnerability type
CWE-59 Link Following
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026
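
The check the description says is missing, sketched as an added example (not Avira's code and not part of the advisory): a delete routine that inspects every path component below a trusted root and refuses to proceed if any is a symbolic link or reparse point. The function names and the sample directory tree are constructed for illustration, and the root directory itself is assumed to be writable only by administrators.

```python
import os
import stat
import tempfile

class LinkInPathError(Exception):
    """A path component is a symlink, junction or other reparse point."""

def is_link(path):
    """True if path itself (not its target) is a symlink or reparse point."""
    st = os.lstat(path)  # lstat does not follow the final component
    # st_file_attributes exists only on Windows; junctions are flagged there.
    attrs = getattr(st, "st_file_attributes", 0)
    return stat.S_ISLNK(st.st_mode) or bool(attrs & stat.FILE_ATTRIBUTE_REPARSE_POINT)

def safe_delete(trusted_root, relative_path):
    """Delete a file below trusted_root unless any component is a link."""
    parts = [p for p in relative_path.replace("\\", "/").split("/") if p]
    if not parts or any(p in (".", "..") for p in parts):
        raise ValueError("relative_path must stay inside trusted_root")
    current = trusted_root
    for part in parts:
        current = os.path.join(current, part)
        if is_link(current):
            raise LinkInPathError(current)
    # Check-then-delete still leaves a race window; a Windows service should also
    # open the target with FILE_FLAG_OPEN_REPARSE_POINT and delete via that handle.
    os.remove(current)

def demo():
    """Constructed tree: one ordinary file and one link leaving the root."""
    with tempfile.TemporaryDirectory() as tmp:
        root, outside = (os.path.join(tmp, d) for d in ("ProgramData", "protected"))
        os.makedirs(os.path.join(root, "cache"))
        os.makedirs(outside)
        stale = os.path.join(root, "cache", "stale.tmp")
        victim = os.path.join(outside, "victim.cfg")
        for f in (stale, victim):
            open(f, "w").close()
        os.symlink(outside, os.path.join(root, "redirect"), target_is_directory=True)
        safe_delete(root, "cache/stale.tmp")
        try:
            safe_delete(root, "redirect/victim.cfg")
            blocked = False
        except LinkInPathError:
            blocked = True
        return os.path.exists(stale), blocked, os.path.exists(victim)

if __name__ == "__main__":
    print(demo())
```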