VYPR

Software Updater

by F-Secure

CVEs (2)

  • CVE-2017-6466HigMar 11, 2017
    risk 0.53cvss 8.1epss 0.02

    F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be…

  • CVE-2019-17449Oct 10, 2019
    risk 0.00cvss epss 0.00

    Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privileges and would gain only SYSTEM privileges