Description
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.

This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.98.
Published: 2026-06-12
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is a heap buffer out-of-bounds read in the Avira Antivirus engine when it processes a malformed Windows PE file. It can be leveraged by a local user to achieve code execution within the antivirus engine or to cause a denial of service by crashing the process. The weakness is a classic buffer read error, cataloged as CWE-125.

Affected Systems

Gen Digital Avira Antivirus products on Windows, macOS, and Linux that use engine builds older than 8.3.70.98 are vulnerable. Any installation running a pre‑8.3.70.98 build is at risk.

Risk and Exploitability

The CVSS score of 7.8 highlights a high severity for local users. The EPSS score is not available, and the issue is not listed in the CISA KEV catalog, which suggests no current exploits are documented. The likely attack vector is local; a threat actor would need to place a crafted PE file on the system and trigger a scan. If successful, the attacker could execute arbitrary code or crash the antivirus, potentially reducing system security protections.

Generated by OpenCVE AI on June 13, 2026 at 00:22 UTC.

Remediation

Vendor Solution

Upgrade to Avira scan engine build 8.3.70.98 or any later engine release. Builds at or above 8.3.70.98 include the fix.


OpenCVE Recommended Actions

  • Upgrade the Avira antivirus scan engine to build 8.3.70.98 or any later release, which includes the fix for the out‑of‑bounds read.
  • Configure the antivirus to scan only trusted directories or files, reducing the chance that a malicious PE file will be processed by the engine.
  • Enable monitoring and alerting for abnormal crash or high‑memory‑usage events in the antivirus service to detect any remaining exploitation attempts.

Advisories

No advisories yet.

History

Mon, 15 Jun 2026 19:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sat, 13 Jun 2026 12:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Gen Digital; Gen Digital avira Antivirus
Vendors & Products | | Gen Digital; Gen Digital avira Antivirus

Fri, 12 Jun 2026 23:00:00 +0000

Type | Values Removed | Values Added
Description | | Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.98.
Title | | Avira antivirus engine heap buffer OOB read when scanning a malformed PE file
Weaknesses | | CWE-125
References | |
Metrics | | cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: GEN

Published:

Updated: 2026-06-15T18:10:58.866Z

Reserved: 2025-08-14T11:11:49.220Z

Link: CVE-2025-9032

Vulnrichment

Updated: 2026-06-15T18:10:52.527Z

NVD

Status: Deferred

Published: 2026-06-12T23:16:30.977

Modified: 2026-06-15T20:49:19.213

Link: CVE-2025-9032

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-13T12:29:22Z

Weaknesses