5.5
CVE-2025-7018
- EPSS 0.11%
- Veröffentlicht 12.06.2026 22:16:49
- Zuletzt bearbeitet 15.06.2026 20:49:19
- Quelle security@nortonlifelock.com
- CVE-Watchlists
- Unerledigt
Avira antivirus engine null pointer dereference when scanning a malformed PE file
Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerGen Digital
≫
Produkt
Avira Antivirus
Default Statusaffected
Version
0
Version <
8.3.70.64
Status
affected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.016 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@nortonlifelock.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://www.gendigital.com/us/en/contact-us/security-advisories/