The host is installed with Avast Antivirus before 20.0 and is prone to an inclusion of functionality from untrusted control sphere vulnerability. A flaw exists in the application. which fails to handle an issue in aswTask RPC endpoint for the TaskEx library. Successful exploitation allow attackers to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.