CVE-2020-9342

low-risk
Published 2020-02-22

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper.

Do I need to act?

- 0.25% chance of exploitation. EPSS score: low exploit probability.
- Not on CISA KEV list. No confirmed active exploitation reported to CISA.
- Patch status unknown. Check vendor advisories for fix availability and mitigation guidance.
- CVSS 5.5/10 Medium. LOCAL / LOW complexity.

Affected Products (3)

Cloud Protection For Salesforce
Email And Server Security

Affected Vendors

28 / 100, low-risk
Severity 18/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 9/34 · Low