CVE-2025-1367

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Feb 17, 2025

Updated: Feb 18, 2025

CWE ID 119

CWE ID 120

Summary

CVE-2025-1367 is a newly discovered critical vulnerability that impacts MicroWord eScan Antivirus 7.0.32 on Linux systems. The issue lies in the function sprintf of the USB Password Handler component, where a buffer overflow can be triggered through manipulation. An attacker must have local access to exploit this vulnerability. Despite early disclosure, the vendor has not responded to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

eScan

Affected Vendors

MicroWorld Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3ailV2
https://www.cve.org/CVERecord?id=CVE-2025-1367
https://nvd.nist.gov/vuln/detail/CVE-2025-1367

Back to Vulnerability Database