CVE-2025-20128

CVE-2025-20128

Name

CVE-2025-20128

Description

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
psirt@cisco.com	https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html
psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/09/msg00006.html

Type

URI

psirt@cisco.com

https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html

psirt@cisco.com

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA

af854a3a-2127-422b-91ae-364da2661108

https://lists.debian.org/debian-lts-announce/2025/09/msg00006.html

Match rules

Source package	Min version	Max version
cisco-secure-endpoint	== 7.0.5	== 7.0.5
cisco-secure-endpoint	== 6.2.19	== 6.2.19
cisco-secure-endpoint	== 7.3.3	== 7.3.3
cisco-secure-endpoint	== 7.2.13	== 7.2.13
cisco-secure-endpoint	== 6.1.5	== 6.1.5
cisco-secure-endpoint	== 6.3.1	== 6.3.1
cisco-secure-endpoint	== 6.2.5	== 6.2.5
cisco-secure-endpoint	== 7.3.5	== 7.3.5
cisco-secure-endpoint	== 6.2.1	== 6.2.1
cisco-secure-endpoint	== 7.2.7	== 7.2.7
cisco-secure-endpoint	== 7.1.1	== 7.1.1
cisco-secure-endpoint	== 6.3.5	== 6.3.5
cisco-secure-endpoint	== 6.2.9	== 6.2.9
cisco-secure-endpoint	== 7.3.1	== 7.3.1
cisco-secure-endpoint	== 6.1.7	== 6.1.7
cisco-secure-endpoint	== 7.2.11	== 7.2.11
cisco-secure-endpoint	== 7.2.3	== 7.2.3
cisco-secure-endpoint	== 7.1.5	== 7.1.5
cisco-secure-endpoint	== 6.3.3	== 6.3.3
cisco-secure-endpoint	== 7.3.9	== 7.3.9
cisco-secure-endpoint	== 6.2.3	== 6.2.3
cisco-secure-endpoint	== 6.1.9	== 6.1.9
cisco-secure-endpoint	== 7.2.5	== 7.2.5
cisco-secure-endpoint	== 6.3.7	== 6.3.7
cisco-secure-endpoint	== 1.12.3	== 1.12.3
cisco-secure-endpoint	== 1.8.0	== 1.8.0
cisco-secure-endpoint	== 1.11.1	== 1.11.1
cisco-secure-endpoint	== 1.12.4	== 1.12.4
cisco-secure-endpoint	== 1.10.0	== 1.10.0
cisco-secure-endpoint	== 1.12.0	== 1.12.0
cisco-secure-endpoint	== 1.8.1	== 1.8.1
cisco-secure-endpoint	== 1.10.1	== 1.10.1
cisco-secure-endpoint	== 1.12.1	== 1.12.1
cisco-secure-endpoint	== 1.12.6	== 1.12.6
cisco-secure-endpoint	== 1.14.0	== 1.14.0
cisco-secure-endpoint	== 1.10.2	== 1.10.2
cisco-secure-endpoint	== 1.12.2	== 1.12.2
cisco-secure-endpoint	== 1.6.0	== 1.6.0
cisco-secure-endpoint	== 1.11.0	== 1.11.0
cisco-secure-endpoint	== 1.7.0	== 1.7.0
cisco-secure-endpoint	== 1.13.0	== 1.13.0
cisco-secure-endpoint	== 1.12.7	== 1.12.7
cisco-secure-endpoint	== 1.8.4	== 1.8.4
cisco-secure-endpoint	== 1.13.1	== 1.13.1
cisco-secure-endpoint	== 1.9.0	== 1.9.0
cisco-secure-endpoint	== 1.9.1	== 1.9.1
cisco-secure-endpoint	== 1.12.5	== 1.12.5
cisco-secure-endpoint	== 1.13.2	== 1.13.2
cisco-secure-endpoint	== 8.1.7.21512	== 8.1.7.21512
cisco-secure-endpoint	== 8.1.7	== 8.1.7
cisco-secure-endpoint	== 8.1.5	== 8.1.5
cisco-secure-endpoint	== 8.1.3.21242	== 8.1.3.21242
cisco-secure-endpoint	== 8.1.3	== 8.1.3
cisco-secure-endpoint	== 8.1.5.21322	== 8.1.5.21322
cisco-secure-endpoint	== 8.1.7.21417	== 8.1.7.21417

CPE URI

Source package

Min version

Max version

cisco-secure-endpoint

== 7.0.5

cisco-secure-endpoint

== 6.2.19

cisco-secure-endpoint

== 7.3.3

cisco-secure-endpoint

== 7.2.13

cisco-secure-endpoint

== 6.1.5

cisco-secure-endpoint

== 6.3.1

cisco-secure-endpoint

== 6.2.5

cisco-secure-endpoint

== 7.3.5

cisco-secure-endpoint

== 6.2.1

cisco-secure-endpoint

== 7.2.7

cisco-secure-endpoint

== 7.1.1

cisco-secure-endpoint

== 6.3.5

cisco-secure-endpoint

== 6.2.9

cisco-secure-endpoint

== 7.3.1

cisco-secure-endpoint

== 6.1.7

cisco-secure-endpoint

== 7.2.11

cisco-secure-endpoint

== 7.2.3

cisco-secure-endpoint

== 7.1.5

cisco-secure-endpoint

== 6.3.3

cisco-secure-endpoint

== 7.3.9

cisco-secure-endpoint

== 6.2.3

cisco-secure-endpoint

== 6.1.9

cisco-secure-endpoint

== 7.2.5

cisco-secure-endpoint

== 6.3.7

cisco-secure-endpoint

== 1.12.3

cisco-secure-endpoint

== 1.8.0

cisco-secure-endpoint

== 1.11.1

cisco-secure-endpoint

== 1.12.4

cisco-secure-endpoint

== 1.10.0

cisco-secure-endpoint

== 1.12.0

cisco-secure-endpoint

== 1.8.1

cisco-secure-endpoint

== 1.10.1

cisco-secure-endpoint

== 1.12.1

cisco-secure-endpoint

== 1.12.6

cisco-secure-endpoint

== 1.14.0

cisco-secure-endpoint

== 1.10.2

cisco-secure-endpoint

== 1.12.2

cisco-secure-endpoint

== 1.6.0

cisco-secure-endpoint

== 1.11.0

cisco-secure-endpoint

== 1.7.0

cisco-secure-endpoint

== 1.13.0

cisco-secure-endpoint

== 1.12.7

cisco-secure-endpoint

== 1.8.4

cisco-secure-endpoint

== 1.13.1

cisco-secure-endpoint

== 1.9.0

cisco-secure-endpoint

== 1.9.1

cisco-secure-endpoint

== 1.12.5

cisco-secure-endpoint

== 1.13.2

cisco-secure-endpoint

== 8.1.7.21512

cisco-secure-endpoint

== 8.1.7

cisco-secure-endpoint

== 8.1.5

cisco-secure-endpoint

== 8.1.3.21242

cisco-secure-endpoint

== 8.1.3

cisco-secure-endpoint

== 8.1.5.21322

cisco-secure-endpoint

== 8.1.7.21417

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
clamav	edge-community	1.4.2-r0	Carlo Landmeter <clandmeter@alpinelinux.org>	fixed
clamav	edge-community	1.4.1-r0	Carlo Landmeter <clandmeter@alpinelinux.org>	possibly vulnerable
clamav	3.22-community	1.4.2-r0	Carlo Landmeter <clandmeter@alpinelinux.org>	fixed
clamav	3.21-community	1.4.2-r0	Carlo Landmeter <clandmeter@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

clamav

edge-community

1.4.2-r0

Carlo Landmeter <clandmeter@alpinelinux.org>

fixed

clamav

edge-community