A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and certain WithSecure products that can crash the scanning engine when scanning the aemobile component, potentially triggered remotely by an attacker.
Understanding CVE-2022-28875
This CVE relates to a DoS vulnerability affecting various F-Secure endpoint protection products for Windows and Mac, F-Secure Linux Security, F-Secure Atlant, and WithSecure Cloud Protection for Salesforce & Collaboration Protection.
What is CVE-2022-28875?
CVE-2022-28875 is a medium-severity vulnerability that allows remote attackers to trigger a crash in the scanning engine, affecting the availability of the impacted systems.
The Impact of CVE-2022-28875
With a CVSS base score of 4.3, this vulnerability has a low impact on confidentiality, integrity, and availability. High privileges are required to exploit it, but prompt mitigation remains important.
Technical Details of CVE-2022-28875
Vulnerability Description
The vulnerability occurs in the scanning of the aemobile component in F-Secure Atlant and certain WithSecure products, leading to a DoS condition.
Affected Systems and Versions
The affected products are all F-Secure & WithSecure endpoint protection products for Windows and Mac, F-Secure Linux Security (32-bit), F-Secure Linux Security (64-bit), F-Secure Atlant, and WithSecure Cloud Protection for Salesforce & Collaboration Protection.
Exploitation Mechanism
An attacker can remotely trigger a crash in the scanning engine during scanning of the aemobile component, causing a DoS condition.
Mitigation and Prevention
Immediate Steps to Take
No user action is required to address this vulnerability. An automatic update containing the necessary fix was released through the Capricorn database on 2022-05-16.
Long-Term Security Practices
Ensure that systems are regularly updated with the latest security patches and maintain strict access controls to minimize the risk of exploitation.
Patching and Updates
Stay informed about security advisories from F-Secure and WithSecure to promptly apply patches and updates that address known vulnerabilities.