Impact
A heap buffer out‑of‑bounds write exists in the scanning logic of Gen Digital’s antivirus engine. When a malformed Windows PE file is processed, a local attacker can corrupt heap memory, potentially leading to arbitrary code execution or causing the antivirus process to terminate. The weakness is identified as CWE‑787.
Affected Systems
The flaw affects Gen Digital products including Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux. Any installation that uses a virus‑definition build earlier than VPS‑25040308 is vulnerable; builds at or beyond that version are safe. All products that consume the shared Gen Digital virus‑definition update stream inherit the fix when updated.
Risk and Exploitability
The CVSS score of 7.8 indicates high severity. EPSS information is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation would require an attacker to deliver a specially crafted PE file that triggers a scan, making it a local‑execution vector. The lack of a public exploit does not reduce the risk, and ensuring up‑to‑date virus definitions remains the primary defense.
OpenCVE Enrichment