Getty Pictures
Cisco has issued a patch for a critical vulnerability found in its ClamAV open up source antivirus application.
Tracked as CVE-2023-20032, Cisco claimed the flaw could enable remote code execution on vulnerable units and was supplied a ‘critical’ CVSSv3 ranking of 9.8.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
The issue was located to affect versions 1.. and earlier, .105.1 and previously, and .103.7.
In an advisory posted on 15 February, Cisco stated the flaw impacted the ClamAV HFS+ file parser, and could empower an “unauthenticated, remote attacker to execute arbitrary code” with the exact privileges of ClamAV’s scanning course of action.
The company extra that the vulnerability could also crash this course of action, ensuing in a denial of service (DoS) ailment.
“This vulnerability is due to a lacking buffer measurement verify that could result in a heap buffer overflow create,” the business reported. “An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an afflicted unit.”
Susceptible products
Cisco verified that various products and solutions could be at risk because of to the vulnerability. This incorporates Protected Endpoint, previously identified as Innovative Malware Security (AMP), for endpoints.
Consumers on Windows, macOS, and Linux are all afflicted.
Cisco’s Protected Endpoint Private cloud and Secure Web Equipment, formerly Web Security Equipment, are also impacted.
The enterprise emphasised that the vulnerability does not affect other critical solutions, this kind of as its Secure Email Gateway and Protected Email and Web Supervisor.
At existing, there is no sign that the flaw has been actively exploited in the wild. On the other hand, Cisco urged customers to patch straight away to mitigate risk.
“The Cisco Product Security Incident Response Staff (PSIRT) is not informed of any community bulletins or malicious use of the vulnerability that is explained in this advisory,” the business said.
What is ClamAV?
Clam AV is an open up source antivirus platform which presents antimalware protection for users. The motor gives a variety of anti-virus remedies, such as email and web scanning, and endpoint security.
Data from Slintel exhibit that ClamAV is applied by far more than 300 businesses globally.
The engine was initially created for Unix, but has third-party variations offered to buyers of macOS, Linux, and Microsoft Windows, amid other folks.
Some components of this posting are sourced from:
www.itpro.co.uk