CVE-2022-28882

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.

Published: Aug 23, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-28882
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-835

Affected Software
References

Software	From	Fixed in
f-secure / elements_endpoint_protection	-	-
f-secure / atlant	-	-
f-secure / internet_gatekeeper	-	-
f-secure / linux_security	-	-
f-secure / linux_security_64	-	-
f-secure / cloud_protection_for_salesforce	-	-
f-secure / elements_collaboration_protection	-	-

https://www.withsecure.com/en/support/security-advisories

Vulnerability Database

289,697

CVE-2022-28882