Vulnerability Details CVE-2021-33603
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.0%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33603
- https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33603
Products affected by CVE-2021-33603
-
cpe:2.3:a:f-secure:atlant:-
-
cpe:2.3:a:f-secure:cloud_protection_for_salesforce:-
-
cpe:2.3:a:f-secure:elements_endpoint_detection_and_response:-
-
cpe:2.3:a:f-secure:elements_endpoint_protection:-
-
cpe:2.3:a:f-secure:elements_for_microsoft_365:-
-
cpe:2.3:a:f-secure:internet_gatekeeper:-
-
cpe:2.3:a:f-secure:linux_security:-
-
cpe:2.3:o:apple:macos:-
-
cpe:2.3:o:microsoft:windows:-