CVE-2021-33602

Summary

A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine.

Affected Software

VendorProductVersion RangeStatus
F-SecureF-Secure endpoint protection products on Windows and Mac. F-Secure Linux Security (32-bit) F-Secure Linux Security 64 F-Secure Atlant & F-Secure Cloud Protection for SalesforceAll Versionaffected

Weaknesses

  • Denial of Service Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References