What is CVE-2022-28882?

CVE-2022-28882 is a Denial-of-Service (DoS) vulnerability in F-Secure & WithSecure products that can cause the scanning engine to crash.

How does CVE-2022-28882 affect F-Secure Elements Endpoint Protection?

CVE-2022-28882 affects F-Secure Elements Endpoint Protection by putting the scanning engine at risk of a crash.

Can CVE-2022-28882 be exploited remotely?

Yes, CVE-2022-28882 can be exploited remotely by an attacker.

What is the severity of CVE-2022-28882?

CVE-2022-28882 has a severity rating of 7.5, indicating a high level of risk.

Is there a fix available for CVE-2022-28882?

It is recommended to update the affected F-Secure & WithSecure products to the latest version to mitigate CVE-2022-28882.

Vulnerability/
CVE-2022-28882

high

7.5

CWE

835

23/8/2022

25/8/2022

CVE-2022-28882

First published: Tue Aug 23 2022(Updated: )

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.

Credit: cve-notifications-us@f-secure.com

Affected Software	Affected Version	How to fix
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
F-secure Internet Gatekeeper
F-Secure Linux Security
F-secure Linux Security 64

Never miss a vulnerability like this again

Reference Links

https://www.withsecure.com/en/support/security-advisories

Frequently Asked Questions

What is CVE-2022-28882?
CVE-2022-28882 is a Denial-of-Service (DoS) vulnerability in F-Secure & WithSecure products that can cause the scanning engine to crash.
How does CVE-2022-28882 affect F-Secure Elements Endpoint Protection?
CVE-2022-28882 affects F-Secure Elements Endpoint Protection by putting the scanning engine at risk of a crash.
Can CVE-2022-28882 be exploited remotely?
Yes, CVE-2022-28882 can be exploited remotely by an attacker.
What is the severity of CVE-2022-28882?
CVE-2022-28882 has a severity rating of 7.5, indicating a high level of risk.
Is there a fix available for CVE-2022-28882?
It is recommended to update the affected F-Secure & WithSecure products to the latest version to mitigate CVE-2022-28882.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.