
Denial of Service Vulnerability in Cisco
Indian – Computer Emergency Response Team (cert-in.org.in)
Severity Rating: CRITICAL
Component Affected
Secure Endpoint Connector for Windows
Secure Endpoint Private Cloud
Overview
A vulnerability has been reported in the OLE2 file format parser of ClamAV which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
Description
A critical ClamAV vulnerability exists within the OLE2 file format parser due to an improper check for end-of-string values during the scanning process. This flaw can trigger a heap buffer over-read, a type of memory access error that occurs when the software reads beyond the allocated buffer boundaries. An attacker could exploit this vulnerability in ClamAV by submitting a specially crafted file containing malicious OLE2 content to an affected device running ClamAV for scanning.
If successfully exploited, this ClamAV vulnerability could enable the attacker to disrupt the scanning operation, causing the ClamAV software to crash. This would result in a Denial of Service (DoS) condition, rendering the affected system unable to perform its intended malware detection functions. Such a DoS condition could compromise security workflows that rely on ClamAV, making timely identification and mitigation essential.
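
The bug class described above (a string scan that assumes an end-of-string value is present) is shown here next to a bounded form. This is an added illustration, not ClamAV's code or part of the advisory. Assumptions: a 64-byte UTF-16LE name field as found in an OLE2 directory entry, hypothetical function names, and constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_FIELD_BYTES 64 /* assumed: UTF-16LE name field of an OLE2 directory entry */

/* Constructed sample inputs (not taken from any real file). */
const uint8_t GOOD[NAME_FIELD_BYTES] = {'R',0,'o',0,'o',0,'t',0}; /* zero padded */
const uint8_t TRUNCATED[6] = {'A',0,'B',0,'C',0};               /* no terminator */

/* Unsafe pattern: trusts that a terminator exists, so an unterminated field
 * makes the loop read past the end of the allocation (heap over-read). */
size_t unsafe_name_units(const uint8_t *field)
{
    size_t i = 0;
    while (field[i] != 0 || field[i + 1] != 0)
        i += 2;
    return i / 2;
}

/* Hardened: scans only the bytes actually present (`avail`), capped at the
 * field size. Returns code units before the terminator, or -1 if none. */
int bounded_name_units(const uint8_t *field, size_t avail)
{
    size_t limit = avail < NAME_FIELD_BYTES ? avail : NAME_FIELD_BYTES;
    for (size_t i = 0; i + 1 < limit; i += 2)
        if (field[i] == 0 && field[i + 1] == 0)
            return (int)(i / 2);
    return -1; /* unterminated: reject the entry instead of reading on */
}

/* Returns 1 if the field holds exactly the ASCII name `want`, else 0.
 * An unterminated field never matches. */
int name_equals(const uint8_t *field, size_t avail, const char *want)
{
    int units = bounded_name_units(field, avail);
    if (units < 0 || (size_t)units != strlen(want))
        return 0;
    for (int i = 0; i < units; i++)
        if (field[2 * i + 1] != 0 || field[2 * i] != (uint8_t)want[i])
            return 0;
    return 1;
}
```

Only the bounded functions are safe to call on `TRUNCATED`; the unsafe scan is included for comparison and must only ever see terminated input.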

Solution
Apply appropriate updates as mentioned in:
Vendor Information
CISCO
References
CISCO
CVE Name
CVE-2024-20290