CVE-2021-40837

Summary

A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

Affected Software

VendorProductVersion RangeStatus
F-SecureF-Secure endpoint protection products on Windows and Mac. F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, F-Secure Internet Gatekeeper & F-Secure Security CloudAll Versionaffected

Weaknesses

  • Denial of Service Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References