A heap-based buffer overflow vulnerability in Gen Digital antivirus products poses a significant risk of local code execution or system instability when processing malicious files.

This is a heap buffer out-of-bounds write vulnerability triggered during the scanning of a malformed Windows PE file. The vulnerability resides in the shared virus definition update stream, which is processed by the local antivirus engine.

With a CVSS score of 7.8, this vulnerability is classified as High. Successful exploitation allows a local attacker to execute arbitrary code with the privileges of the antivirus process, which often operates with high system-level permissions. This could lead to full host compromise, data exfiltration, or a persistent denial-of-service condition that renders the security software ineffective.

Immediate Action: Update virus definitions to version VPS 25040308 or later immediately across all managed endpoints.

Proactive Monitoring: Monitor system logs for anomalous crashes of the antivirus service or unexpected process behavior associated with the scanning engine.

Compensating Controls: Ensure endpoint protection policies are configured to block suspicious file execution and restrict access to sensitive system directories where possible.

Public Exploit Available: false

Given the widespread nature of the affected Gen Digital products, organizations must prioritize the deployment of the updated virus definitions. Administrators should verify that all endpoints, including remote and mobile assets, have successfully synchronized with the updated definition stream to mitigate this high-severity risk.