CVE-2022-28874
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
41.7%
Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | macos | - | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
| f-secure | atlant | * | cpe:2.3:a:f-secure:atlant:*:*:*:*:*:*:*:* |
| f-secure | elements_endpoint_protection | * | cpe:2.3:a:f-secure:elements_endpoint_protection:*:*:*:*:*:*:*:* |
| f-secure | linux_security | * | cpe:2.3:a:f-secure:linux_security:*:*:*:*:*:*:*:* |
| withsecure | cloud_protection_for_salesforce | * | cpe:2.3:a:withsecure:cloud_protection_for_salesforce:*:*:*:*:*:*:*:* |
| withsecure | elements_collaboration_protection | * | cpe:2.3:a:withsecure:elements_collaboration_protection:*:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
41.7%