skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Cisco Releases Updates for ClamAV DoS Vulnerability

/ 1 min read

🦠 Cisco addresses critical ClamAV DoS vulnerability with security updates. Cisco has released security updates to mitigate a denial-of-service (DoS) vulnerability in ClamAV, tracked as CVE-2025-20128, which could allow unauthenticated remote attackers to crash the antivirus scanning process. This vulnerability arises from a heap-based buffer overflow in the OLE2 decryption routine, potentially disrupting scanning operations on affected devices. Although proof-of-concept exploit code is available, Cisco’s Product Security Incident Response Team (PSIRT) reports no evidence of active exploitation. The updates also address additional vulnerabilities in Cisco BroadWorks and the Meeting Management REST API, emphasizing the importance of timely patching to maintain system security.

Source
{entry.data.source.title}
Original