Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-38166

In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.

Published

2022-11-25T15:15:10.393

Last Modified

2025-04-29T15:15:48.190

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-248

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	f-secure	elements_endpoint_protection	-	Yes
Operating System	apple	macos	-	No
Operating System	microsoft	windows	-	No

References

https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38166 Vendor Advisory ([email protected])
https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38166 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)