An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10863
Reference (s):
- https://forum.avast.com/index.php?topic=232420.0
- https://forum.avast.com/index.php?topic=232423.0
- https://github.com/umarfarook882/Avast_Multiple_Vulnerability_Disclosure/blob/master/README.md