Summary: Cisco has issued security updates to address a denial-of-service (DoS) vulnerability in ClamAV, tracked as CVE-2025-20128, which could allow remote attackers to crash the antivirus scanning process. Although proof-of-concept exploit code is available, there is currently no evidence of active exploitation in the wild. The vulnerability affects the Secure Endpoint Connector software across various platforms, but overall system stability remains intact even if the vulnerability is exploited.
Threat Actor: Unknown
Victim: Cisco
Key points:
- Vulnerability CVE-2025-20128 allows unauthenticated remote attackers to trigger a DoS condition on vulnerable devices.
- Exploitation involves submitting a crafted OLE2 file to ClamAV, causing the scanning process to crash.
- Cisco has also patched other vulnerabilities, including a critical privilege escalation flaw in the Meeting Management REST API.