Denial-of-Service (DoS) Vulnerability
Description
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Crash in F-Secure Atlant/WithSecure scanning engine when processing fuzzed PE32 files, enabling remote denial-of-service.
Vulnerability
A Denial-of-Service vulnerability exists in the F-Secure Atlant engine and certain WithSecure products [1]. The bug is triggered during the scanning of fuzzed PE32-bit files, where an unknown code path causes the scanning engine to crash. Affected versions are not explicitly disclosed in the available references, but the vulnerability was published on 2022-08-05.
Exploitation
An attacker can remotely trigger the exploit by sending a specially crafted, fuzzed PE32-bit file to the target system for scanning. The exact level of access or network position required is not detailed, but the vector is remote, meaning no local authentication is necessarily required to trigger the crash.
Impact
Successful exploitation causes the scanning engine to crash, resulting in a Denial-of-Service (DoS) condition. This can disrupt malware scanning capabilities, potentially allowing malicious files to go undetected or impacting the availability of the security service.
Mitigation
The available references do not provide a specific fixed version or release date. As the advisory is from a vendor's expert page without direct patch notes, users should consult official F-Secure or WithSecure security bulletins for updated versions. No workaround is described. If no patch is available, the vulnerability remains exploitable until a fix is applied.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- F-Secure/All F-Secure and WithSecure Endpoint Protection products for Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protection for Salesforce WithSecure Collaboration Protectionv5Range: All Version
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.f-secure.com/en/home/support/vulnerability-reward-program/hall-of-famemitrex_refsource_MISC
- www.withsecure.com/en/expertise/peoplemitrex_refsource_MISC
News mentions
0No linked articles in our index yet.