CVE-2021-33599

Published: Sep 7, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service (infinite loop and freezes AV engine scanner). The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine.

Affected (4)

Products: F Secure: Atlant, Cloud Protection For Salesforce, Linux Security, Elements Endpoint Protection

4 products

Cloud Protection For Salesforce

Elements Endpoint Protection

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
F Secure Atlant	All versions
F Secure Cloud Protection For Salesforce	All versions
F Secure Linux Security	All versions

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
F Secure Elements Endpoint Protection	All versions

Running on/with	Platform Versions
Apple Macos	All versions
Microsoft Windows	All versions

Related CWEs

Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (4)

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame

Source: cve-notifications-us@f-secure.com

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33599

Source: cve-notifications-us@f-secure.com

Vendor Advisory

https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33599

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.