Cisco has revealed {that a} vulnerability found within the open supply ClamAV antivirus scanning engine impacts a few of its safety merchandise.
The bug, CVE-2023-20032, was patched on Wednesday by ClamAV’s maintainers.
“A vulnerability within the HFS+ partition file parser of ClamAV variations 1.0.Zero and earlier, 0.105.1 and earlier, and 0.103.7 and earlier may permit an unauthenticated, distant attacker to execute arbitrary code,” ClamAV’s advisory said.
Cisco’s advisory elaborated by stating that “this vulnerability is because of a lacking buffer dimension test which will lead to a heap buffer overflow write.”
“An attacker may exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected gadget,” Cisco stated.
“A profitable exploit may permit the attacker to execute arbitrary code with the privileges of the ClamAV scanning course of, or else crash the method, leading to a denial of service (DoS) situation.”
Cisco makes use of ClamAV in its Safe Endpoint (previously Superior Malware Safety for Endpoints) for Home windows, MacOS, and Home windows; its Safe Endpoint Personal Cloud; and its Safe Internet Equipment merchandise.
Fixes have been revealed for all merchandise.
The networking large additionally introduced that its Nexus Dashboard has been patched to repair a denial-of-service vulnerability, CVE-2023-20014in its DNS request dealing with.
“An attacker may exploit this vulnerability by sending a steady stream of DNS requests to an affected gadget,” Cisco stated.
“A profitable exploit may permit the attacker to trigger the coredns service to cease working or trigger the gadget to reload, leading to a DoS situation.”
