What is CVE-2022-28882?

CVE-2022-28882 is a Denial-of-Service (DoS) vulnerability in F-Secure & WithSecure products that can cause the scanning engine to crash.

How does CVE-2022-28882 affect F-Secure Elements Endpoint Protection?

CVE-2022-28882 affects F-Secure Elements Endpoint Protection by putting the scanning engine at risk of a crash.

Can CVE-2022-28882 be exploited remotely?

Yes, CVE-2022-28882 can be exploited remotely by an attacker.

What is the severity of CVE-2022-28882?

CVE-2022-28882 has a severity rating of 7.5, indicating a high level of risk.

Is there a fix available for CVE-2022-28882?

It is recommended to update the affected F-Secure & WithSecure products to the latest version to mitigate CVE-2022-28882.

Vulnerability/
CVE-2022-28882

high

7.5

CWE

835

23/8/2022

3/8/2024

CVE-2022-28882: Denial-of-Service (DoS) Vulnerability

First published: Tue Aug 23 2022(Updated: )

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.

Credit: cve-notifications-us@f-secure.com

Affected Software	Affected Version	How to fix
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
F-secure Internet Gatekeeper
F-Secure Linux Security
F-secure Linux Security 64

Remedy

FIX No User action is required. The required fix has been published through automatic update channel with Capricorn database on 2022-08-10_06

Never miss a vulnerability like this again

Reference Links

https://www.withsecure.com/en/support/security-advisories

Frequently Asked Questions

What is CVE-2022-28882?
CVE-2022-28882 is a Denial-of-Service (DoS) vulnerability in F-Secure & WithSecure products that can cause the scanning engine to crash.
How does CVE-2022-28882 affect F-Secure Elements Endpoint Protection?
CVE-2022-28882 affects F-Secure Elements Endpoint Protection by putting the scanning engine at risk of a crash.
Can CVE-2022-28882 be exploited remotely?
Yes, CVE-2022-28882 can be exploited remotely by an attacker.
What is the severity of CVE-2022-28882?
CVE-2022-28882 has a severity rating of 7.5, indicating a high level of risk.
Is there a fix available for CVE-2022-28882?
It is recommended to update the affected F-Secure & WithSecure products to the latest version to mitigate CVE-2022-28882.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/title
agent/weakness
agent/last-modified-date
agent/references
agent/severity
agent/remedy
agent/tags
agent/description
agent/event
agent/first-publish-date
vendor/f-secure
canonical/f-secure elements endpoint protection
vendor/apple
canonical/apple macos
vendor/microsoft
canonical/microsoft windows
canonical/f-secure atlant
canonical/f-secure cloud protection for salesforce
canonical/f-secure elements collaboration protection
canonical/f-secure internet gatekeeper
canonical/f-secure linux security
canonical/f-secure linux security 64

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.