CVE-2022-28882 - Vulnerability Details

Vendors	Products
Apple	Macos
F-secure	Atlant Cloud Protection For Salesforce Elements Collaboration Protection Elements Endpoint Protection Internet Gatekeeper Linux Security Linux Security 64
Microsoft	Windows

Link	Providers
https://www.withsecure.com/en/support/security-advisories

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "All F-Secure and WithSecure Endpoint Protection products for Windows & Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protection for Salesforce WithSecure Collaboration Protection", "vendor": "F-Secure and WithSecure", "versions": [{"status": "affected", "version": "All Version "}]}], "credits": [{"lang": "en", "value": "WithSecure & F-Secure would like to thank faty420 https://twitter.com/faty420 for bringing this issue to our attention"}], "descriptions": [{"lang": "en", "value": "A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Denial of Service Vulnerability ", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-23T15:54:02", "orgId": "126858f1-1b65-4b74-81ca-7034f7f7723f", "shortName": "F-SecureUS"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.withsecure.com/en/support/security-advisories"}], "solutions": [{"lang": "en", "value": "FIX No User action is required. The required fix has been published through automatic update channel with Capricorn database on 2022-08-10_06"}], "source": {"discovery": "EXTERNAL"}, "title": "Denial-of-Service (DoS) Vulnerability", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-notifications-us@f-secure.com", "ID": "CVE-2022-28882", "STATE": "PUBLIC", "TITLE": "Denial-of-Service (DoS) Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "All F-Secure and WithSecure Endpoint Protection products for Windows & Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protection for Salesforce WithSecure Collaboration Protection", "version": {"version_data": [{"version_affected": "=", "version_value": "All Version "}]}}]}, "vendor_name": "F-Secure and WithSecure"}]}}, "credit": [{"lang": "eng", "value": "WithSecure & F-Secure would like to thank faty420 https://twitter.com/faty420 for bringing this issue to our attention"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service Vulnerability "}]}]}, "references": {"reference_data": [{"name": "https://www.withsecure.com/en/support/security-advisories", "refsource": "MISC", "url": "https://www.withsecure.com/en/support/security-advisories"}]}, "solution": [{"lang": "en", "value": "FIX No User action is required. The required fix has been published through automatic update channel with Capricorn database on 2022-08-10_06"}], "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:03:53.163Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.withsecure.com/en/support/security-advisories"}]}]}, "cveMetadata": {"assignerOrgId": "126858f1-1b65-4b74-81ca-7034f7f7723f", "assignerShortName": "F-SecureUS", "cveId": "CVE-2022-28882", "datePublished": "2022-08-23T15:54:02", "dateReserved": "2022-04-08T00:00:00", "dateUpdated": "2024-08-03T06:03:53.163Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : All F-Secure and WithSecure Endpoint Protection products for Windows & Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protection for Salesforce WithSecure Collaboration Protection (string)

vendor : F-Secure and WithSecure (string)

versions : [ »

0 : { »

status : affected (string)

version : All Version (string)

}

]

}

]

credits : [ »

0 : { »

lang : en (string)

value : WithSecure & F-Secure would like to thank faty420 https://twitter.com/faty420 for bringing this issue to our attention (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker. (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : LOW (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L (string)

version : 3.1 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Denial of Service Vulnerability (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2022-08-23T15:54:02 (string)

orgId : 126858f1-1b65-4b74-81ca-7034f7f7723f (string)

shortName : F-SecureUS (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://www.withsecure.com/en/support/security-advisories (string)

}

]

solutions : [ »

0 : { »

lang : en (string)

value : FIX No User action is required. The required fix has been published through automatic update channel with Capricorn database on 2022-08-10_06 (string)

}

]

source : { »

discovery : EXTERNAL (string)

}

title : Denial-of-Service (DoS) Vulnerability (string)

x_generator : { »

engine : Vulnogram 0.0.9 (string)

}

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve-notifications-us@f-secure.com (string)

ID : CVE-2022-28882 (string)

STATE : PUBLIC (string)

TITLE : Denial-of-Service (DoS) Vulnerability (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : All F-Secure and WithSecure Endpoint Protection products for Windows & Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protection for Salesforce WithSecure Collaboration Protection (string)

version : { »

version_data : [ »

0 : { »

version_affected : = (string)

version_value : All Version (string)

}

]

}

]

}

vendor_name : F-Secure and WithSecure (string)

}

]

}

credit : [ »

0 : { »

lang : eng (string)

value : WithSecure & F-Secure would like to thank faty420 https://twitter.com/faty420 for bringing this issue to our attention (string)

}

]

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker. (string)

}

]

}

generator : { »

engine : Vulnogram 0.0.9 (string)

}

impact : { »

cvss : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : LOW (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L (string)

version : 3.1 (string)

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Denial of Service Vulnerability (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.withsecure.com/en/support/security-advisories (string)

refsource : MISC (string)

url : https://www.withsecure.com/en/support/security-advisories (string)

}

]

}

solution : [ »

0 : { »

lang : en (string)

value : FIX No User action is required. The required fix has been published through automatic update channel with Capricorn database on 2022-08-10_06 (string)

}

]

source : { »

discovery : EXTERNAL (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T06:03:53.163Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://www.withsecure.com/en/support/security-advisories (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 126858f1-1b65-4b74-81ca-7034f7f7723f (string)

assignerShortName : F-SecureUS (string)

cveId : CVE-2022-28882 (string)

datePublished : 2022-08-23T15:54:02 (string)

dateReserved : 2022-04-08T00:00:00 (string)

dateUpdated : 2024-08-03T06:03:53.163Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f-secure:elements_endpoint_protection:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DFC1F94-8A8B-42E2-887B-EE8FB3C9130D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f-secure:atlant:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C97DC3C-1B63-4B57-8C62-ACD77D0A3E71", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:cloud_protection_for_salesforce:*:*:*:*:*:*:*:*", "matchCriteriaId": "31ECCE87-B67E-4CA7-91E6-8E71CEA6DA21", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:elements_collaboration_protection:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B107FE0-0F9E-4021-917F-1224F2619339", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*", "matchCriteriaId": "88F6E1F2-02DA-48EE-B127-4933CCC80C5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:linux_security:*:*:*:*:*:*:x86:*", "matchCriteriaId": "F0152E70-F7A9-4785-8A43-78472F9A2C13", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:linux_security_64:*:*:*:*:*:*:*:*", "matchCriteriaId": "360DBC2B-2B93-461E-90C6-60C55FBD87B8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en los productos F-Secure y WithSecure por la que el archivo aegen.dll entra en un bucle infinito cuando desempaqueta archivos PE. Esto conlleva finalmente a un bloqueo del motor de escaneo. La explotaci\u00f3n puede ser desencadenada remotamente por un atacante."}], "id": "CVE-2022-28882", "lastModified": "2024-11-21T06:58:07.733", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.4, "source": "cve-notifications-us@f-secure.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-23T16:15:10.237", "references": [{"source": "cve-notifications-us@f-secure.com", "tags": ["Vendor Advisory"], "url": "https://www.withsecure.com/en/support/security-advisories"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.withsecure.com/en/support/security-advisories"}], "sourceIdentifier": "cve-notifications-us@f-secure.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f-secure:elements_endpoint_protection:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6DFC1F94-8A8B-42E2-887B-EE8FB3C9130D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 387021A0-AF36-463C-A605-32EA7DAC172E (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A2572D17-1DE6-457B-99CC-64AFD54487EA (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:f-secure:atlant:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0C97DC3C-1B63-4B57-8C62-ACD77D0A3E71 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:f-secure:cloud_protection_for_salesforce:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 31ECCE87-B67E-4CA7-91E6-8E71CEA6DA21 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:f-secure:elements_collaboration_protection:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4B107FE0-0F9E-4021-917F-1224F2619339 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 88F6E1F2-02DA-48EE-B127-4933CCC80C5C (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:f-secure:linux_security:*:*:*:*:*:*:x86:* (string)

matchCriteriaId : F0152E70-F7A9-4785-8A43-78472F9A2C13 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:f-secure:linux_security_64:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 360DBC2B-2B93-461E-90C6-60C55FBD87B8 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker. (string)

}

1 : { »

lang : es (string)

value : Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en los productos F-Secure y WithSecure por la que el archivo aegen.dll entra en un bucle infinito cuando desempaqueta archivos PE. Esto conlleva finalmente a un bloqueo del motor de escaneo. La explotación puede ser desencadenada remotamente por un atacante. (string)

}

]

id : CVE-2022-28882 (string)

lastModified : 2024-11-21T06:58:07.733 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : LOW (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L (string)

version : 3.1 (string)

}

exploitabilityScore : 0.9 (number)

impactScore : 3.4 (number)

source : cve-notifications-us@f-secure.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-08-23T16:15:10.237 (string)

references : [ »

0 : { »

source : cve-notifications-us@f-secure.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.withsecure.com/en/support/security-advisories (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.withsecure.com/en/support/security-advisories (string)

}

]

sourceIdentifier : cve-notifications-us@f-secure.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-835 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object