Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine


Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The vulnerability resides in the residing in the HFS+ file parser component, an attacker can trigger the issue to gain remote code execution on vulnerable devices or trigger a DoS condition.

Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser.

The vulnerability affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. The company acknowledged Simon Scannell from Google for reporting this issue.

The vulnerability is a buffer overflow issue affecting the ClamAV scanning library, it is due to a missing buffer size check.

Read more…