CVE-2021-28130

Name of the Vulnerable Software and Affected Versions: Dr.Web Firewall version 12.5.2.4160

Description: The issue concerns Dr.Web Firewall on Windows, where it incorrectly restricts applications signed by Dr.Web, allowing a custom payload within a legitimate binary, such as frwl svc.exe, to bypass firewall filters.

Recommendations: For Dr.Web Firewall version 12.5.2.4160, consider restricting access to the frwl svc.exe binary until a patch is available to prevent potential bypass of firewall filters. At the moment, there is no information about a newer version that contains a fix for this vulnerability.