The warning is contained in a new advisory released by the Computer Security Incident Response Team (CSIRT), the cybersecurity centre for the telecoms sector, established by the commission, in continuation of its resolve to safeguard Nigerians.
Director, Public Affairs, NCC, Dr. Ikechukwu Adinde, said the caution noticed that cyber vulnerability in AVAST and AVG Antiviruses could lead to attacks on millions of devices with high impact in terms of consequences to ICT users.
The threat types arising from the weakness are Bypass Authentication, Remote Code Execution and Unauthorised Access, while consequences range from Privilege Escalation, Bypass Security Products to Overwrite System Components and corrupting the Operating System.
To CSIRT, researchers at SentinelOne security firm have discovered two potentially damaging vulnerabilities in AVAST and AVG antivirus products that allow attackers to escalate privileges, thus enabling them to disable security products, overwrite system components, corrupt the operating system or perform malicious operations unimpeded.
“Two vulnerabilities identified as CVE-2022-26522 and CVE-2022-26523 targeted the ‘Anti Rootkit’ driver of Avast antivirus (also used by AVG), allowing an attacker with limited privileges on the targeted system to execute code in system mode (kernel mode) and take complete control of the device. Moreover, the vulnerabilities allow complete takeover of a device, even without privileges, due to the ability to execute code in kernel mode, CSIRT said in the advisory.
However, the cybersecurity centre has offered a tripartite measure that should be taken by Internet/ICT users to prevent being vulnerable to the cyber threats. They include enabling automatic update feature for AVAST and AVG antiviruses, upgrading AVAST and AVG anti-viruses to version 22.1.2504, as well as carrying out regular patch management.
