First published: Fri Oct 08 2021(Updated: )
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.
Credit: cve-notifications-us@f-secure.com
Affected Software | Affected Version | How to fix |
---|---|---|
F-Secure Atlant | ||
F-secure Cloud Protection For Salesforce | ||
F-secure Elements For Microsoft 365 | ||
F-secure Internet Gatekeeper | ||
F-Secure Linux Security | ||
F-secure Elements Endpoint Detection And Response | ||
F-secure Elements Endpoint Protection | ||
Apple macOS | ||
Microsoft Windows |
FIX No User action is required. The required fix has been published through automatic update channel with Capricorn update 2021-09-29_03
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-40832 is a Denial-of-Service (DoS) vulnerability discovered in F-Secure Atlant.
The following F-Secure products are affected: F-Secure Atlant, F-Secure Cloud Protection For Salesforce, F-Secure Elements For Microsoft 365, F-Secure Internet Gatekeeper, F-Secure Linux Security, F-Secure Elements Endpoint Detection And Response, F-Secure Elements Endpoint Protection.
CVE-2021-40832 can be exploited remotely by an attacker.
CVE-2021-40832 has a severity rating of 6.5 (medium).
More information about CVE-2021-40832 can be found on the F-Secure website: [https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-40832](https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-40832)