Denial-of-Service (DoS) Vulnerability
Description
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
F-Secure Atlant and WithSecure products are vulnerable to a DoS crash when scanning a malicious file that triggers a bug in aepack.dll.
Vulnerability
A Denial-of-Service (DoS) vulnerability exists in F-Secure Atlant and certain WithSecure products whereby scanning a specially crafted file can crash the scanning engine. The flaw resides in the aepack.dll component. Affected versions are not explicitly disclosed, but the vulnerability impacts all F-Secure Atlant and relevant WithSecure products [1][2].
Exploitation
An attacker can exploit this vulnerability by delivering a malicious file that, when scanned by the affected product, triggers the crash. No authentication or special privileges are required; the attack is remotely exploitable if the attacker can cause the target to scan the file (e.g., via email, web download, or file share).
Impact
Successful exploitation causes the scanning engine to crash, resulting in a denial of service. This prevents the software from detecting subsequent threats until the engine is manually restarted or the system recovers, potentially leaving the system unprotected.
Mitigation
F‑Secure and WithSecure have not yet released a specific patch for this CVE in the provided references. Users should monitor the vendor security advisory pages [1][2] for updates. As a workaround, ensure scanning is performed at safe times and consider additional network defenses.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- F-Secure/All F-Secure and WithSecure Endpoint Protection products for Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protection for Salesforce WithSecure Collaboration Protectionv5Range: All Version
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.f-secure.com/en/business/support-and-downloads/security-advisoriesmitrex_refsource_MISC
- www.withsecure.com/en/support/security-advisoriesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.