First published: Wed Oct 06 2021(Updated: )
A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine.
Credit: cve-notifications-us@f-secure.com
Affected Software | Affected Version | How to fix |
---|---|---|
F-Secure Atlant | ||
F-secure Cloud Protection | ||
F-secure Internet Gatekeeper | ||
F-Secure Linux Security |
FIX No User action is required. The required fix has been published through the automatic update channel with Capricorn update 2021-09-29_03
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-33602 is a vulnerability affecting the F-Secure Antivirus engine when unpacking a zip archive, which can result in a Denial-of-Service.
CVE-2021-33602 affects F-Secure Antivirus by crashing the scanning engine when unpacking a zip archive using the LZW decompression method.
Yes, CVE-2021-33602 can be exploited remotely by an attacker.
CVE-2021-33602 has a severity rating of 5.3 (medium).
To fix CVE-2021-33602, ensure that you have applied the latest updates and patches provided by F-Secure.