CVE-2025-1364

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Feb 16, 2025

CWE ID 119

CWE ID 121

Summary

CVE-2025-1364 is a critical vulnerability affecting MicroWord eScan Antivirus 7.0.32 on Linux systems. The USB Protection Service component's passPrompt function is susceptible to a stack-based buffer overflow. An attacker can exploit this vulnerability on a local host, and the exploit has already been made public. The vendor, MicroWord, was notified about the disclosure but has yet to provide a response or patch. Users are urged to take precautions to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

eScan

Affected Vendors

MicroWorld Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3afcCe
https://www.cve.org/CVERecord?id=CVE-2025-1364
https://nvd.nist.gov/vuln/detail/CVE-2025-1364

Back to Vulnerability Database