CVE-2024-23441Out-of-bounds Read in Vba32 Antivirus

CWE-125Out-of-bounds ReadCWE-476NULL Pointer DereferenceCWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 93.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Virusblokada Vba32 AntivirusAnti-virus Vba32
Timeline
PublishedJan 29

Description

Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the 0x2220A7 IOCTL code of the Vba32m64.sys driver.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDanti-virus/vba323.36.0

🔴Vulnerability Details

2
GHSA
GHSA-v7v5-mxj3-9qmp: Vba32 Antivirus v32024-01-29
CVEList
Vba32 Antivirus v3.36.0 - Denial of Service (DoS)2024-01-29
CVE-2024-23441 — Out-of-bounds Read in Vba32 Antivirus | cvebase