Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in Cisco's ClamAV Products
Alerts

Critical Vulnerability in Cisco's ClamAV Products

19 February 2023

Cisco Systems has released security updates addressing a critical buffer overflow vulnerability (CVE-2023-20032) in its ClamAV open source anti-virus engine, which is included in certain Cisco products. The vulnerability has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10.

Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or crash the process, resulting in a denial of service (DoS) condition.

The vulnerability affects the following versions of ClamAV:

  • Versions 1.0.0 and earlier

  • Versions 0.105.1 and earlier 

  • Versions 0.103.7 and earlier

The vulnerability also affects the following Cisco products:

  • Secure Endpoint, formerly Advanced Malware Protection (AMP) for Endpoints (Windows, macOS, and Linux)

  • Secure Endpoint Private Cloud

  • Secure Web Appliance, formerly Web Security Appliance

Users and administrators of affected Cisco and ClamAV product versions are advised to upgrade to the latest versions immediately.

More information is available here:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy
https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html


Back to top