CVE-2022-28886
MEDIUMF-Secure Cloud Protection for Salesforce - Denial of Service via PE File Unpacking
Title source: llmDescription
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.f-secure.com/en/business/support-and-downloads/security-advisories
Third Party Advisory x_refsource_misc
https://www.withsecure.com/en/support/security-advisories
Scores
CVSS v3
4.3
EPSS
0.0040
EPSS Percentile
31.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-835
Status
published
Products (5)
f-secure/cloud_protection_for_salesforce
f-secure/collaboration_protection
f-secure/elements_endpoint_protection
f-secure/internet_gatekeeper
f-secure/linux_security
Published
Sep 23, 2022
Tracked Since
Feb 18, 2026