Credentials disclosure in Avira Free Antivirus
https://medium.com/@knikolenko/avira-free-antivirus-password-collector-83452fa7f943 …
CVE-2020-12680
@Avira @malwrhunterteam
-
-
I not saying that this is a vulnerability at all (as you can read what I wrote above, not even sure if it something worth a CVE). I only say this a problem & not even a very small one.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
As this might not be malware per definition it can become one when getting into the wrong hands due to the functionality described by
@malwrhunterteamThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
I guess my question is, you could do the same thing with cdb.exe, which is also signed, why is that not a vulnerability?