"Cisco Issues Patch for Critical Vulnerability in Open-Source ClamAV Antivirus"

Cisco has released a patch for a critical vulnerability found in its ClamAV open-source antivirus software. Cisco said that the issue, tracked as CVE-2023-2003, could enable Remote Code Execution on vulnerable devices and was given a "critical" rating of 9.8. It was discovered that the vulnerability impacts versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7. Cisco stated in an alert published on February 15 that the flaw impacted the ClamAV HFS+ file parser and could allow an "unauthenticated, remote attacker to execute arbitrary code" with the same privileges as the scanning process. According to the company, this vulnerability can also result in a Denial-of-Service (DoS) condition. This vulnerability stems from a missing buffer size check, which could lead to a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a specially crafted HFS+ partition file for ClamAV to scan on a vulnerable system. This article continues to discuss the potential impact and exploitation of the critical vulnerability discovered in the open-source ClamAV antivirus software. 

ITPro reports "Cisco Issues Patch for Critical Vulnerability in Open-Source ClamAV Antivirus"