Security News > 2023 > February > Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software
Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices.
"This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write," Cisco Talos said in an advisory.
"An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device."
"This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection," Cisco noted.
"An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device."
Cisco separately also resolved a denial-of-service vulnerability impacting Cisco Nexus Dashboard and two other privilege escalation and command injection flaws in Email Security Appliance and Secure Email and Web Manager.
News URL
https://thehackernews.com/2023/02/critical-rce-vulnerability-discovered.html
Related news
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Vuls: Open-source agentless vulnerability scanner (source)
- Critical Langflow RCE flaw exploited to hack AI app servers (source)
- SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version (source)