CVE-2022-28882

Summary

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.

Affected Software

VendorProductVersion RangeStatus
F-Secure and WithSecureAll F-Secure and WithSecure Endpoint Protection products for Windows & Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protection for Salesforce WithSecure Collaboration ProtectionAll Versionaffected

Weaknesses

  • Denial of Service Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References