CVE-2021-40837Atlant vulnerability

3 documents3 sources
Severity
5.3MEDIUMNVD
CNA4.6
EPSS
0.3%
top 51.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
F-secure AtlantF-secure Elements Endpoint Detection AND ResponseF-secure Elements Endpoint Protection+3 more
Timeline
PublishedFeb 9
Latest updateFeb 10

Description

A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages6 packages

NVDf-secure/atlant< 2022-02-01_01
NVDf-secure/linux_security< 2022-02-01_01
NVDf-secure/security_cloud< 2022-02-01_01
NVDf-secure/internet_gatekeeper< 2022-02-01_01

🔴Vulnerability Details

2
GHSA
GHSA-2whc-p527-687m: A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the2022-02-10
CVEList
Denial-of-Service (DoS) Vulnerability2022-02-09
CVE-2021-40837 — F-secure Atlant vulnerability | cvebase