ClamAV OLE2 File Format Parser Vulnerability Could Lead to Denial of Service
CVE-2024-20290

7.5HIGH

Key Information:

Vendor
Cisco
Status
Cisco Secure Endpoint
Cisco Secure Endpoint Private Cloud Administration Portal
Cisco Secure Endpoint Private Cloud Console
Vendor
CVE Published:
7 February 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

A vulnerability exists in the OLE2 file format parser within ClamAV, allowing unauthenticated remote attackers to trigger a denial of service (DoS) on devices utilizing this software. This issue stems from an improper verification of end-of-string values during file scanning processes, leading to potential heap buffer over-reads. By submitting specially crafted files containing OLE2 content for scanning, an attacker could effectively terminate the ClamAV scanning service, which results in a DoS condition while simultaneously consuming the system's available resources. Immediate attention to affected versions is crucial to ensure operational integrity.

Affected Version(s)

Cisco Secure Endpoint 6.0.9

Cisco Secure Endpoint 6.0.7

Cisco Secure Endpoint 6.1.5

News Articles

favicon imagesecurityonline.info

ClamAV Bugs Expose Users to Command Injection (CVE-2024-20328) and DoS Attacks (CVE-2024-20290)

ClamAV's developers issued critical patches addressing two vulnerabilities (CVE-2024-20328 & CVE-2024-20290) within the library

References

https://sec.cloudapps.cisco.com/security/center/content/C...
https://lists.fedoraproject.org/archives/list/package-ann...
https://lists.fedoraproject.org/archives/list/package-ann...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by securityonline.info

  • Vulnerability published

  • Vulnerability Reserved

.