PT-2021-20225 · F Secure · F-Secure Antivirus Engine

Published

2021-09-07

Updated

2021-09-09

CVE-2021-33599

CVSS v3.1

4.6

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions F-Secure Antivirus engine (affected versions not specified)

Description A vulnerability was discovered in the F-Secure Antivirus engine, where scanning a WIM archive file can lead to a denial-of-service, causing an infinite loop and freezing the AV engine scanner. This issue can be exploited remotely by an attacker, resulting in the denial-of-service of the Anti-Virus engine.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

CVE-2021-33599

Affected Products

F-Secure Antivirus Engine

PT-2021-20225 · F Secure · F-Secure Antivirus Engine

CVE-2021-33599

Weakness Enumeration

Related Identifiers

Affected Products

References · 4