CVE-2025-0720

Name of the Vulnerable Software and Affected Versions Microword eScan Antivirus version 7.0.32

Description A problematic issue has been found, affecting the function removeExtraSlashes of the file /opt/MicroWorld/sbin/rtscanner in the component Folder Watch List Handler. This issue leads to a stack-based buffer overflow. The attack must be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond.

Recommendations For Microword eScan Antivirus version 7.0.32, as a temporary workaround, consider disabling the removeExtraSlashes function until a patch is available. Restrict access to the /opt/MicroWorld/sbin/rtscanner file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.