Vulnerability Description
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the aerdl.dll component used in certain WithSecure products unpacker function crashes which leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F-Secure | Elements Endpoint Detection And Response | All versions |
| F-Secure | Elements Endpoint Protection | All versions |
| Apple | Macos | - |
| Microsoft | Windows | - |
| F-Secure | Atlant | All versions |
| F-Secure | Cloud Protection For Salesforce | All versions |
| F-Secure | Elements Collaboration Protection | All versions |
| F-Secure | Internet Gatekeeper | All versions |
| F-Secure | Linux Security | All versions |
| F-Secure | Linux Security 64 | All versions |
References
- https://www.f-secure.com/en/business/support-and-downloads/security-advisoriesVendor Advisory
- https://www.withsecure.com/en/support/security-advisoriesVendor Advisory
- https://www.f-secure.com/en/business/support-and-downloads/security-advisoriesVendor Advisory
- https://www.withsecure.com/en/support/security-advisoriesVendor Advisory
FAQ
What is CVE-2022-28881?
CVE-2022-28881 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the aerdl.dll component used in certain WithSecure products unpacker function crashes which leads to scanning engine c...
How severe is CVE-2022-28881?
CVE-2022-28881 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-28881?
Check the references section above for vendor advisories and patch information. Affected products include: F-Secure Elements Endpoint Detection And Response, F-Secure Elements Endpoint Protection, Apple Macos, Microsoft Windows, F-Secure Atlant.