Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-28882

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.

Published

2022-08-23T16:15:10.237

Last Modified

2024-11-21T06:58:07.733

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-835

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	f-secure	elements_endpoint_protection	*	Yes
Operating System	apple	macos	-	No
Operating System	microsoft	windows	-	No
Application	f-secure	atlant	*	Yes
Application	f-secure	cloud_protection_for_salesforce	*	Yes
Application	f-secure	elements_collaboration_protection	*	Yes
Application	f-secure	internet_gatekeeper	*	Yes
Application	f-secure	linux_security	*	Yes
Application	f-secure	linux_security_64	*	Yes

References

https://www.withsecure.com/en/support/security-advisories Vendor Advisory ([email protected])
https://www.withsecure.com/en/support/security-advisories Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)