CVE-2022-28880
MEDIUMF-Secure Atlant & WithSecure Elements EDR - DoS via Fuzzed PE32-bit File
Title source: llmDescription
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker.
References (2)
Core 2
Core References
Not Applicable, Vendor Advisory x_refsource_misc
https://www.withsecure.com/en/expertise/people
Not Applicable, Vendor Advisory x_refsource_misc
https://www.f-secure.com/en/home/support/vulnerability-reward-program/hall-of-fame
Scores
CVSS v3
4.3
EPSS
0.0041
EPSS Percentile
33.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-400
Status
published
Products (9)
F-Secure/All F-Secure and WithSecure Endpoint Protection products for Mac F-Secure Linux Security (32-bit) F-Secure Linux Security (64-bit) F-Secure Atlant F-Secure Internet Gatekeeper WithSecure Cloud Protect
All Version
f-secure/atlant
f-secure/cloud_protection_for_salesforce
f-secure/elements_collaboration_protection
f-secure/elements_endpoint_detection_and_response
f-secure/elements_endpoint_protection
f-secure/internet_gatekeeper
f-secure/linux_security
f-secure/linux_security_64
Published
Aug 05, 2022
Tracked Since
Feb 18, 2026