First published: Fri Oct 08 2021(Updated: )
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.
Credit: cve-notifications-us@f-secure.com
Affected Software | Affected Version | How to fix |
---|---|---|
F-Secure Atlant | ||
F-secure Cloud Protection For Salesforce | ||
F-secure Elements For Microsoft 365 | ||
F-secure Internet Gatekeeper | ||
F-Secure Linux Security | ||
F-secure Elements Endpoint Detection And Response | ||
F-secure Elements Endpoint Protection | ||
Apple macOS | ||
Microsoft Windows |
FIX No User action is required. The required fix has been published through automatic update channel with Capricorn update 2021-09-29_03
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-33603 is a Denial-of-Service (DoS) vulnerability discovered in F-Secure Atlant.
The CVE-2021-33603 vulnerability affects certain F-Secure products, including F-Secure Atlant, F-Secure Cloud Protection For Salesforce, F-Secure Elements For Microsoft 365, F-Secure Internet Gatekeeper, F-Secure Linux Security, F-Secure Elements Endpoint Detection And Response, and F-Secure Elements Endpoint Protection.
The CVE-2021-33603 vulnerability can be exploited remotely by an attacker to crash the AVPACK module component while scanning fuzzed files, resulting in a Denial-of-Service (DoS).
CVE-2021-33603 has a severity value of 6.5, which is considered medium severity.
No, Apple macOS and Microsoft Windows are not affected by CVE-2021-33603.