Critical Vulnerability Patched in Cisco Security Products
16-Feb-23
On Wednesday, Cisco released upgrades for its endpoint, cloud, and online security solutions in order to fix a serious flaw in ClamAV, a third-party scanning library. ClamAV is a free, cross-platform antimalware toolkit that can find viruses, trojans, and other kinds of malware.
The library’s maintainers released two significant fixes on February 15 to fix two vulnerabilities, the most serious of which might result in remote code execution. The CVE-2023-20032 bug, which affects ClamAV versions 0.103.7 and earlier, 0.105.1 and earlier, and 1.0.0 and earlier, affects the HFS+ file parser and has a CVSS score of 9.8.
