Denial-of-Service (DoS) Vulnerability
Description
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A DoS vulnerability in F-Secure Atlant's fsicapd component allows remote attackers to crash the scanning engine by sending large/fuzzed files.
Vulnerability
A denial-of-service vulnerability exists in the fsicapd component used in F-Secure and WithSecure endpoint protection products on Windows and Mac platforms [1][2]. When scanning large or fuzzed files, the component consumes excessive memory, leading to a crash of the scanning engine. All supported platforms for the affected products are vulnerable.
Exploitation
An attacker can remotely trigger the vulnerability by sending specially crafted large or fuzzed files to the scanning engine [1][2]. No authentication is required, and the attack can be executed without user interaction.
Impact
Successful exploitation results in a denial-of-service condition, causing the scanning engine to crash and potentially disrupting protection services [1][2]. No other impact (data disclosure or code execution) has been reported.
Mitigation
The fix has been released via automatic update as HydraLinux update 2022-04-12_01 [1]. No user action is required as the update is applied automatically. No known exploits in the wild have been observed [1][2].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- F-Secure/All F-Secure Endpoint Protection products on Windows and Mac F-Secure Linux Security (32-bit) F-Secure Linux Security 64 F-Secure Atlant F-Secure Internet Gatekeeper F-Secure Cloud Protection for Salesforcev5Range: All Version
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.f-secure.com/en/home/support/security-advisories/cve-2022-28871mitrex_refsource_MISC
- www.withsecure.com/en/support/security-advisories/cve-2022-28871mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.