CVE-2021-40832

Опубликовано: 08 окт. 2021

Источник: nvd

CVSS3: 5.5

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.

Ссылки

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
Vendor Advisory
https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-40832
Vendor Advisory
https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
Vendor Advisory
https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-40832
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:f-secure:atlant:-:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:cloud_protection_for_salesforce:-:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:elements_for_microsoft_365:-:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:internet_gatekeeper:-:*:*:*:*:-:*:*

cpe:2.3:a:f-secure:linux_security:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:f-secure:elements_endpoint_detection_and_response:-:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:elements_endpoint_protection:-:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00302

Низкий

5.5 Medium

CVSS3

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-52rq-v884-rfrr

github

больше 3 лет назад

EPSS

Процентиль: 53%

0.00302

Низкий

5.5 Medium

CVSS3

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo