Zero-day vulnerability in CCleaner


Avast reported a security breach, which involved compromise of one of the CCleaner distribution servers. As a result, the adversary was able to distribute a backdoored version of CCleaner application between August 15 and September 12. The compromised version of CCleaner was distributed from the official vendor's website.

Vulnerability details

Advisory: SB2017091816 - Backdoor in CCleaner

Vulnerable component: CCleaner


CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-ID: CWE-20 - Improper Input Validation


CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191 were shipped with a backdoor code from official vendorтАЩs website. The incident was detected on September 12.

The malicious version was released on August 15. Users, who downloaded CCleaner between August 15 and September 12, are affected.