CVE-2022-28880
medium
CVSS v3
4.3
CVSS v4 NEW
โ
VIR risk
4.3
Description
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker.
Predictions
Exploit likelihood
53%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
macOS Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| - | Not affected | โ |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| f-secure | elements_endpoint_detection_and_response | | |
| f-secure | elements_endpoint_protection | | |
| f-secure | atlant | | |
| f-secure | cloud_protection_for_salesforce | | |
| f-secure | elements_collaboration_protection | | |
| f-secure | internet_gatekeeper | | |
| f-secure | linux_security | | |
| f-secure | linux_security_64 | | |
References
CWEs
CWE-400
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.