PT-2023-17326 · Avira · Avira Endpoint Security
Published
2023-04-19
·
Updated
2023-08-24
·
CVE-2023-1900
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Avira Endpointprotection.exe versions prior to 1.0.2303.633
Description
A vulnerability within the Avira network protection feature allowed an attacker with local execution rights to cause an overflow. This could corrupt the data on the heap and lead to a denial-of-service situation.
Recommendations
For versions prior to 1.0.2303.633, update Endpointprotection.exe to version 1.0.2303.633 to resolve the issue. As a temporary workaround, consider restricting local execution rights to minimize the risk of exploitation.
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Avira Endpoint Security