Gen Digital's Security Software… Needs a Bit of Security Itself
If you're running one of their products, now might be a good time to check whether you're already up to date or still sitting on one of the vulnerable builds.
David Fischer
You'd expect one of the world's leading cybersecurity vendors - Gen Digital, the company behind Avast, AVG, Avira, and Norton - to keep threats out, not let them in. But unfortunately, several of their products ship with system optimization services that introduce serious vulnerabilities.
In short: tools meant to keep your system tidy and fast might just help an attacker fast-track their way to SYSTEM privileges.
Vulnerable by Design?
These antivirus suites often come bundled with optimization features and extra components that unfortunately contain security flaws. Users should check whether they are running updated versions, especially if they’re using one of the versions listed in recent vulnerability reports.
So far, Gen Digital has not published a detailed security advisory. However, they quietly submitted several CVE entries over the weekend identifying affected versions and components.
List of Affected Components
Here are the vulnerable components and their associated CVEs:
- AVG TuneUp 23.4 (Build 15592), TuneUp Service: CVE-2024-13960, CVSS 7.8, Risk High
- AVG TuneUp 24.2.16593.9844, TuneupSvc.exe: CVE-2024-13959, CVSS 7.8, Risk High
- Avast Cleanup Premium 24.2.16593.17810 (Windows 10 Pro x64), TuneupSvc: CVE-2024-13961, CVSS 7.8, Risk High
- Avast Cleanup Premium 24.2.16593.17810 (Windows 10 Pro x64), TuneupSvc: CVE-2024-13962 / EUVD-2024-54467, CVSS 7.8, Risk High
- Avira Prime 1.1.96.2 (Windows 10 x64), System Speedup Service: CVE-2024-9524, CVSS 7.8, Risk High
- Avira.Spotlight.Service.exe: CVE-2024-13759, CVSS 7.8, Risk High
- Norton Utilities Ultimate 24.2.16862.6344 (Windows 10 Pro x64), NortonUtilitiesSvc: CVE-2024-13944, CVSS 7.8, Risk High
What's Going On?
Most of these flaws involve mishandling of symbolic links, also known as "Link Following" vulnerabilities. This can allow attackers to gain elevated privileges through a TOCTOU (Time-of-Check Time-of-Use) attack - where they trick the software into executing malicious code with SYSTEM-level access.
One particular CVE stands out, allowing deletion of arbitrary files - another route to complete compromise.
A Windows 10-Only Issue? Not Quite
The CVEs mention Windows 10, but there's no technical reason other Windows versions wouldn't be affected. Without more detail from Gen Digital, it’s safest to assume the issue could impact a wider range of systems.
Shared Code, Shared Problems
Normally, one vulnerability affects one product. But since Gen Digital owns multiple brands that appear to use the same underlying code, especially for TuneUp-related tools, the problem has spread across product lines.
What You Should Do
- Check your software version against the CVE listings
- Update immediately if you are on a vulnerable version
- Consider uninstalling system optimization components if they are not in use
- Watch for further updates or advisories from Gen Digital
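The first step above can be scripted on a Windows machine. The PowerShell below is an added example, not code from this article or from Gen Digital. It assumes the products register under the names used on this page in the standard uninstall registry keys, and it treats each listed version as the newest affected build, since the page names no fixed versions.

```powershell
# Builds listed on this page. Assumption: each listed version is treated as the
# newest affected build, because the page names no fixed versions.
$listed = @(
    # AVG TuneUp 23.4 (Build 15592), CVE-2024-13960, sorts below the 24.2 build.
    [pscustomobject]@{ Product = 'AVG TuneUp'; Version = [version]'24.2.16593.9844'; CVEs = 'CVE-2024-13959, CVE-2024-13960' }
    [pscustomobject]@{ Product = 'Avast Cleanup Premium'; Version = [version]'24.2.16593.17810'; CVEs = 'CVE-2024-13961, CVE-2024-13962' }
    # CVE-2024-13759 (Avira.Spotlight.Service.exe) is listed without its own version.
    [pscustomobject]@{ Product = 'Avira Prime'; Version = [version]'1.1.96.2'; CVEs = 'CVE-2024-9524, CVE-2024-13759' }
    [pscustomobject]@{ Product = 'Norton Utilities Ultimate'; Version = [version]'24.2.16862.6344'; CVEs = 'CVE-2024-13944' }
)

function Test-ListedBuild {
    param([string]$Name, [string]$VersionText, [object[]]$Table)
    foreach ($row in $Table) {
        # Assumption: the installer's DisplayName contains the product name used on this page.
        if ($Name -notlike "*$($row.Product)*") { continue }
        $v = $null
        $status = if (-not [version]::TryParse($VersionText, [ref]$v)) {
            'version not parseable, check manually'
        } elseif ($v -le $row.Version) {
            'at or below listed build, update'
        } else {
            # Newer than the listed build; the page does not say which build is fixed.
            'newer than listed build, confirm with vendor'
        }
        return [pscustomobject]@{
            Name = $Name; Installed = $VersionText; Listed = $row.Version
            Status = $status; CVEs = $row.CVEs
        }
    }
}

# Standard per-machine uninstall keys (64-bit and 32-bit registry views).
$keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'

Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -and $_.DisplayVersion } |
    ForEach-Object { Test-ListedBuild -Name $_.DisplayName -VersionText $_.DisplayVersion -Table $listed } |
    Format-Table -AutoSize
```

An empty result means no product name from the list was found in the uninstall keys; it does not rule out a leftover service from a partial uninstall.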
Security Irony 101
It is a touch ironic when software from a leading security brand ends up creating new security risks. But such is the state of modern cybersecurity - where even the guards need guarding.
Stay updated. Stay alert.
About Author
David Fischer
I am a technology writer for UpdateStar, covering software, security, and privacy as well as research and innovation in information security. I worked as an editor for German computer magazines for more than a decade before starting to be a team member at UpdateStar.