CVE-2022-28880

A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker.

medium 4.3 CVSS 3.1

Published: Aug 5, 2022

Modified: Jun 2, 2026

Vendor: F-Secure

Product: Elements Endpoint Detection And Response

Description

A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker.

References

https://www.f-secure.com/en/home/support/vulnerability-reward-program/hall-of-fame
https://www.withsecure.com/en/expertise/people
https://www.f-secure.com/en/home/support/vulnerability-reward-program/hall-of-fame
https://www.withsecure.com/en/expertise/people

CVSS Breakdown

Version	3.1
Score	4.3 / 10
Severity	medium

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L

Weakness (CWE)

CWE-400

Affected Product

Vendor	F-Secure
Product	Elements Endpoint Detection And Response