CVE-2024-7235 is a vulnerability classified under CWE-59 (Improper Link Resolution Before File Access, also known as 'Link Following') affecting AVG AntiVirus Free version 23.11.8635.809. The vulnerability exists within the AVG Service component, which improperly handles symbolic links during folder creation operations. A local attacker who already has the ability to execute low-privileged code on the target system can exploit this flaw by creating a symbolic link that the AVG Service follows incorrectly. This leads to the creation of folders in unintended locations or causes the service to malfunction, resulting in a denial-of-service (DoS) condition. The vulnerability does not require user interaction and has a CVSS v3.0 base score of 6.1, reflecting medium severity. The attack vector is local (AV:L), attack complexity is low (AC:L), privileges required are low (PR:L), and no user interaction is needed (UI:N). The impact affects availability (A:H) and integrity (I:L) but not confidentiality (C:N). No patches or exploits in the wild have been reported at the time of publication. This vulnerability was initially reported as ZDI-CAN-22803 and publicly disclosed on November 22, 2024.

The primary impact of CVE-2024-7235 is a denial-of-service condition on systems running the affected AVG AntiVirus Free version. This can disrupt antivirus service operations, potentially leaving systems unprotected or causing system instability. While the vulnerability does not directly expose sensitive data or allow privilege escalation, the loss of antivirus functionality can increase exposure to other threats. Organizations relying on AVG AntiVirus Free for endpoint protection may experience reduced security posture and operational disruptions. The requirement for local code execution limits the attack surface to scenarios where an attacker already has some foothold on the system, such as through other vulnerabilities or insider threats. However, the ease of exploitation (low complexity) and lack of user interaction needed make it a viable vector for attackers aiming to degrade system availability.

To mitigate CVE-2024-7235, organizations should: 1) Upgrade AVG AntiVirus Free to a version where this vulnerability is patched once available from the vendor. 2) Restrict local user permissions to prevent unauthorized code execution, minimizing the risk of attackers gaining the initial foothold needed to exploit this flaw. 3) Implement strict file system permissions and monitoring to detect and prevent unauthorized creation of symbolic links or suspicious folder manipulations. 4) Employ application whitelisting and endpoint detection and response (EDR) solutions to identify and block abnormal behaviors related to symbolic link exploitation. 5) Regularly audit and harden endpoint security configurations to reduce the attack surface. 6) Educate users and administrators about the risks of local privilege abuse and ensure timely application of security updates. Since no patches were listed at the time of disclosure, organizations should monitor vendor advisories closely for updates.