Vulnerabilities > CVE-2022-38166 - Unspecified vulnerability in F-Secure Elements Endpoint Protection

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

f-secure

NVD

Published: 2022-11-25

Updated: 2022-11-30

Summary

In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.

Vulnerable Configurations

Part	Description	Count
Application	F-Secure F Secure Elements Endpoint Protection -	1
OS	Microsoft Microsoft Windows -	1
OS	Apple Apple Macos -	1

References

https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38166