Description
Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process.

This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64.
Published: 2026-06-12
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a null pointer dereference in the Avira Antivirus engine triggered while parsing a malformed Windows Portable Executable file. The flaw does not provide direct code execution or information disclosure; instead, it causes the antivirus process to crash, resulting in a denial of service for the scanner. The weakness is classified as CWE‑476.

Affected Systems

Avira Antivirus, released by Gen Digital, is affected on Windows, macOS, and Linux platforms. Any engine build prior to 8.3.70.64 may crash when it receives a malformed PE file.

Risk and Exploitability

The CVSS score of 5.5 indicates a medium severity impact. The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog. Attackers likely need to deliver a crafted PE file to the engine, which could be achieved via file upload, email attachment, or local execution when the antivirus scans a target directory. The risk is limited to causing a service interruption rather than privilege escalation or data theft.

Generated by OpenCVE AI on June 12, 2026 at 23:21 UTC.

Remediation

Vendor Solution

Upgrade to Avira scan engine build 8.3.70.64 or any later engine release. Builds at or above 8.3.70.64 include the fix.


OpenCVE Recommended Actions

  • Upgrade the Avira scan engine to build 8.3.70.64 or any later release, which contains the necessary fix.
  • Ensure all installations of Avira Antivirus on affected platforms are updated to the patched engine build.
  • Implement extra file validation logic on CTI systems that intercept file uploads or transmissions, so that malformed PE files are rejected before being sent to the antivirus engine.

Generated by OpenCVE AI on June 12, 2026 at 23:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 15 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 13 Jun 2026 12:45:00 +0000

Type Values Removed Values Added
First Time appeared Gen Digital
Gen Digital avira Antivirus
Vendors & Products Gen Digital
Gen Digital avira Antivirus

Fri, 12 Jun 2026 22:15:00 +0000

Type Values Removed Values Added
Description Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64.
Title Avira antivirus engine null pointer dereference when scanning a malformed PE file
Weaknesses CWE-476
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


Subscriptions

Gen Digital Avira Antivirus
cve-icon MITRE

Status: PUBLISHED

Assigner: GEN

Published:

Updated: 2026-06-15T16:01:44.198Z

Reserved: 2025-07-02T12:01:13.717Z

Link: CVE-2025-7018

cve-icon Vulnrichment

Updated: 2026-06-15T16:01:37.583Z

cve-icon NVD

Status : Deferred

Published: 2026-06-12T22:16:49.467

Modified: 2026-06-15T20:49:19.213

Link: CVE-2025-7018

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-13T12:29:25Z

Weaknesses