Summary: Cisco has issued a security advisory regarding a vulnerability in ClamAV’s OLE2 file decryption routine, tracked as CVE-2025-20128. This vulnerability could allow unauthenticated remote attackers to cause a denial of service (DoS) condition on affected devices by exploiting an integer underflow during a bounds check. Cisco has released patched versions to address this flaw and advises customers to update their systems promptly.
Threat Actor: Unauthenticated Remote Attackers
Victim: ClamAV Users | ClamAV
Keypoints:
- Vulnerability CVE-2025-20128 allows for denial of service due to an integer underflow in ClamAV.
- Affects multiple platforms, including Linux, Mac, and Windows; fixed versions have been released.
- Patched versions of ClamAV (1.4.2 and 1.0.8) are available, and customers are urged to update immediately.
Source: https://securityonline.info/proof-of-concept-found-for-clamav-dos-flaw-cve-2025-20128/
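
The bug class named in the summary, an integer underflow during a bounds check, shown next to a hardened form of the same check. This is an added illustration and not ClamAV's code: the function names, the buffer layout and the sizes are hypothetical, and the input is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical field reader: copy `need` bytes found at `offset` inside a
 * buffer of `buf_len` bytes. Names and layout are illustrative only. */

/* Flawed check: `buf_len - offset` is unsigned, so when offset > buf_len it
 * wraps around to a huge value and the comparison passes. */
static int range_ok_flawed(size_t buf_len, size_t offset, size_t need)
{
    return need <= buf_len - offset;
}

/* Hardened check: rule out offset > buf_len first, so the subtraction
 * can no longer underflow. */
static int range_ok_checked(size_t buf_len, size_t offset, size_t need)
{
    if (offset > buf_len)
        return 0;
    return need <= buf_len - offset;
}

/* Reader built on the hardened check: returns 0 on success, -1 when the
 * requested range is not fully inside the buffer (fail closed, no copy). */
static int read_field(const uint8_t *buf, size_t buf_len, size_t offset,
                      uint8_t *out, size_t need)
{
    if (!range_ok_checked(buf_len, offset, need))
        return -1;
    memcpy(out, buf + offset, need);
    return 0;
}

int main(void)
{
    /* Constructed 16-byte input; offset 20 lies past its end. */
    uint8_t buf[16] = {0}, out[4];
    printf("flawed  check accepts offset 20: %d\n", range_ok_flawed(sizeof buf, 20, 4));
    printf("checked check accepts offset 20: %d\n", range_ok_checked(sizeof buf, 20, 4));
    printf("read_field at offset 20 returns: %d\n", read_field(buf, sizeof buf, 20, out, 4));
    printf("read_field at offset 12 returns: %d\n", read_field(buf, sizeof buf, 12, out, 4));
    return 0;
}
```

The flawed check never touches memory here; it only reports that an out-of-range offset would be accepted, which is the condition a parser must rule out before any copy or decrypt step.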