Cisco has issued a patch for a critical vulnerability found in its ClamAV open up source antivirus application.
Tracked as CVE-2023-20032, Cisco claimed the flaw could enable remote code execution on vulnerable units and was supplied a ‘critical’ CVSSv3 ranking of 9.8.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
The issue was located to affect versions 1.. and earlier, .105.1 and previously, and .103.7.
In an advisory posted on 15 February, Cisco stated the flaw impacted the ClamAV HFS+ file parser, and could empower an “unauthenticated, remote attacker to execute arbitrary code” with the exact privileges of ClamAV’s scanning course of action.
The company extra that the vulnerability could also crash this course of action, ensuing in a denial of service (DoS) ailment.
“This vulnerability is due to a lacking buffer measurement verify that could result in a heap buffer overflow create,” the business reported. “An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an afflicted unit.”
Cisco verified that various products and solutions could be at risk because of to the vulnerability. This incorporates Protected Endpoint, previously identified as Innovative Malware Security (AMP), for endpoints.
Consumers on Windows, macOS, and Linux are all afflicted.
Cisco’s Protected Endpoint Private cloud and Secure Web Equipment, formerly Web Security Equipment, are also impacted.
The enterprise emphasised that the vulnerability does not affect other critical solutions, this kind of as its Secure Email Gateway and Protected Email and Web Supervisor.
At existing, there is no sign that the flaw has been actively exploited in the wild. On the other hand, Cisco urged customers to patch straight away to mitigate risk.
“The Cisco Product Security Incident Response Staff (PSIRT) is not informed of any community bulletins or malicious use of the vulnerability that is explained in this advisory,” the business said.
What is ClamAV?
Clam AV is an open up source antivirus platform which presents antimalware protection for users. The motor gives a variety of anti-virus remedies, such as email and web scanning, and endpoint security.
Data from Slintel exhibit that ClamAV is applied by far more than 300 businesses globally.
The engine was initially created for Unix, but has third-party variations offered to buyers of macOS, Linux, and Microsoft Windows, amid other folks.
Some components of this posting are sourced from: