CVE-2024-20290
published 2024-02-07


Priority: P3 58
CVSS 3.1 base score: 7.5 (high)
CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 33.56% (98.2th percentile)
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog.

Affected

45 version ranges, showing 25 (version range and fixed-in values were not captured on this page)

Vendor    Product                 Version range    Fixed in
cisco     cisco_secure_endpoint   (not captured)   (not captured)

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.1      7.5     HIGH       CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv                       7.5     HIGH
vendor_cisco              7.5     HIGH
vendor_debian             7.5     HIGH
vendor_ubuntu             7.5     HIGH