CVE-2025-7003
Description
Heap buffer out-of-bounds read in Avira Antivirus engine when scanning malformed PDF files may allow local code execution or denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A heap buffer out-of-bounds read vulnerability exists in the Avira Antivirus engine when scanning a malformed PDF file. The flaw resides in the PDF parsing component of the engine. Affected versions are engine builds before 8.3.70.56 on Windows, macOS, and Linux.
Exploitation
An attacker exploits this vulnerability by supplying a specially crafted PDF file that triggers the heap buffer out-of-bounds read when the Avira Antivirus engine scans it. No authentication is required beyond the ability to deliver the file to a system running the affected software, and the user does not need to open it: with on-access or real-time scanning enabled, the engine parses the file as soon as it is written to disk or downloaded, so delivering the file (for example as an attachment or a download) is enough to reach the vulnerable parser.
Impact
Successful exploitation may allow execution of arbitrary code in the context of the antivirus engine process, or crash the engine and cause a denial of service. An out-of-bounds read on its own typically yields a crash or disclosure of adjacent heap memory; turning it into code execution would require chaining it with further primitives, and the privilege level gained would be that of the engine process. The vulnerability is rated High with a CVSS v3 score of 7.8.
Mitigation
The vulnerability is fixed in Avira Antivirus engine version 8.3.70.56 and later. Users should update their antivirus software to the latest version. No workarounds are available. The issue is not listed in the CISA Known Exploited Vulnerabilities catalog as of the publication date.
AI Insight generated on Jun 12, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
Range: <8.3.70.56
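A fleet exposure check for the range above, written as an added example for this page (it is not Avira's or the advisory's code). It compares reported engine builds against the first fixed build, 8.3.70.56, component by component as integers, because a plain string comparison misorders dotted versions such as 8.3.9.100 and 8.3.70.56. The hostnames and version strings are constructed sample data; how the engine build is collected from each host is assumed to be handled elsewhere and is not shown.

```python
"""Exposure check for CVE-2025-7003 (added example, not vendor code).

The advisory gives only a version range: Avira engine builds before
8.3.70.56 are affected. Dotted build numbers are compared component-wise
as integers; a string comparison would rank "8.3.9.100" above "8.3.70.56".
Collecting the engine build from each host is out of scope; the inventory
below is constructed sample data.
"""
from __future__ import annotations

import re

FIXED_VERSION = "8.3.70.56"  # first fixed engine build per the advisory

_NUMERIC = re.compile(r"^\d+$")


def parse_version(text: str) -> tuple[int, ...]:
    """Split a dotted version into an integer tuple.

    Only purely numeric dotted versions are accepted. Anything else raises
    ValueError so a malformed inventory value is reported for follow-up
    rather than silently counted as "patched".
    """
    parts = text.strip().split(".")
    if not all(_NUMERIC.match(p) for p in parts):
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True if `installed` is strictly below `fixed` (the affected range)."""
    a, b = parse_version(installed), parse_version(fixed)
    # Pad the shorter tuple with zeros so "8.3.70" compares as "8.3.70.0".
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


# Constructed sample inventory: (hostname, engine build reported by the host).
SAMPLE_INVENTORY = [
    ("ws-001", "8.3.70.56"),  # exactly the fixed build
    ("ws-002", "8.3.70.55"),  # one build below the fix
    ("ws-003", "8.3.9.100"),  # string-compares above the fix but is older
    ("ws-004", "8.3.71.2"),   # newer than the fix
    ("srv-01", "8.3.70"),     # truncated report, treated as 8.3.70.0
    ("srv-02", "unknown"),    # agent did not return a version
]


def triage(inventory: list[tuple[str, str]]) -> dict[str, list[str]]:
    """Bucket hosts into 'affected', 'patched' and 'unparseable'."""
    result: dict[str, list[str]] = {"affected": [], "patched": [], "unparseable": []}
    for host, version in inventory:
        try:
            bucket = "affected" if is_affected(version) else "patched"
        except ValueError:
            bucket = "unparseable"
        result[bucket].append(host)
    return result


if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts that report an unparseable version are listed separately rather than assumed safe; in practice they should be re-queried or treated as affected until the build is confirmed.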
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE. Mechanics are only generated when the actual fix diff can be read; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
News mentions
No linked articles in our index yet.