Denial-of-Service Vulnerability in Avira Network Protection Feature
CVE-2023-1900

5.5MEDIUM

Key Information:

Vendor: Avira
Status: Avira Antivirus
Vendor: CVE Published:; 19 April 2023

What is CVE-2023-1900?

A vulnerability has been identified in Avira's network protection feature that allows an attacker with local execution rights to initiate an overflow. This condition can compromise the heap memory, potentially leading to a denial-of-service scenario. The issue has been addressed in Endpointprotection.exe version 1.0.2303.633, and users are encouraged to update their software to mitigate this risk.

Affected Version(s)

Avira Antivirus Windows 0 < 1.0.2303.633

References

https://support.norton.com/sp/static/external/tools/secur...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 19, 2023
Vulnerability Reserved
Apr 5, 2023