CVE-2023-20212
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-20212 is a newly disclosed vulnerability in the AutoIt module of ClamAV. A logic error in memory management can allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. An attacker can exploit the flaw by submitting a specially crafted AutoIt file to be scanned by ClamAV, which causes the scanning process to restart unexpectedly and results in a DoS condition. The vulnerability poses a significant risk to systems running ClamAV and requires immediate attention from administrators to mitigate the threat.
Affected Products
- Cisco Secure Endpoint
Affected Vendors
- Cisco Systems Inc