CVE-2025-7004
Received Received - Intake
Heap Buffer Overflow in Avast Antivirus

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: NortonLifeLock Inc.

Description
Heap buffer out-of-bounds write vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25040308. The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-12
Last Modified
2026-06-12
Generated
2026-06-13
AI Q&A
2026-06-13
EPSS Evaluated
N/A
NVD
CVE-2025-7004
EUVD
EUVD-2025-210124
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
avast avast_antivirus to 25040308 (exc)
avast avg_antivirus to 25040308 (exc)
norton_lifelock norton_antivirus to 25040308 (exc)
avast avast_one to 25040308 (exc)
avast avast_business_antivirus to 25040308 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a heap buffer out-of-bounds write in Avast Antivirus products when scanning a malformed Windows PE file. It occurs because the antivirus scanning logic improperly handles certain malformed files, leading to writing data outside the allocated memory buffer.

This flaw may allow a local attacker to execute code with the privileges of the antivirus process or cause a denial-of-service by crashing the antivirus software.

Impact Analysis

The vulnerability can impact you by allowing an attacker with local access to your system to execute arbitrary code within the context of the antivirus process. This could lead to unauthorized actions on your system.

Alternatively, the attacker could cause a denial-of-service condition by crashing the antivirus process, potentially leaving your system unprotected against malware.

Mitigation Strategies

To mitigate this vulnerability, ensure that your Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, or Avast Business Antivirus installations are updated to virus definition build VPS 25040308 or later.

Installations at or above this build are not vulnerable regardless of which product consumes the virus definition update stream.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-7004. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart