CVE-2022-28884

MEDIUM

F-Secure/WithSecure - DoS

Title source: llm

Description

A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine.

References (2)

[Vendor Advisory] https://www.withsecure.com/en/support/security-advisories

[Vendor Advisory] https://www.withsecure.com/en/expertise/people

Scores

CVSS v3 4.3

EPSS 0.0034

EPSS Percentile 56.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L

Details

CWE

CWE-835

Status published

Products (4)

f-secure/internet_gatekeeper

f-secure/linux_security

withsecure/business_suite

withsecure/elements_endpoint_protection

Published Sep 06, 2022

Tracked Since Feb 18, 2026