CVE-2025-7008

Gen Digital · Avast Antivirus

A heap buffer out-of-bounds read vulnerability in Avast Antivirus during the scanning of malformed Windows PE files with .NET metadata may cause local code execution or denial-of-service.

Executive summary

A heap-based buffer over-read vulnerability in Gen Digital security software could be leveraged by an attacker to crash the antivirus service or potentially execute unauthorized code.

Vulnerability

This vulnerability involves a heap buffer out-of-bounds read occurring when the antivirus engine scans malformed Windows PE files containing .NET metadata. The flaw is present within the shared virus definition scanning logic.

Business impact

The vulnerability carries a CVSS score of 7.8, indicating a high level of risk. An attacker can exploit this flaw to induce a denial-of-service by crashing the security agent, effectively blinding the host to further threats, or potentially gain unauthorized code execution. The impact is significant as it undermines the integrity of the primary security defense on the affected endpoints.

Remediation

Immediate Action: Deploy virus definition update VPS 25021310 or newer to all affected systems.

Proactive Monitoring: Review security agent logs for recurring process failures or unexpected service restarts.

Compensating Controls: Utilize application allow-listing and EDR monitoring to detect and block the execution of malformed or suspicious PE files while updates are being deployed.
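The monitoring item above asks teams to look for recurring failures of the security agent. The following is an added example, not code from Gen Digital or from this advisory, showing one way to run that check over exported Windows System log events: it counts Service Control Manager "service terminated unexpectedly" events (the real event IDs 7031 and 7034) per host inside a sliding window, and it compares a reported definition build against the fix build VPS 25021310 named in the remediation. The sample records, host names, timestamps and the service name "AvastSvc" are constructed for illustration and are not taken from the advisory.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records modelled on Windows System log events from the
# Service Control Manager. Event IDs 7031 and 7034 are the real SCM "service
# terminated unexpectedly" events; 7036 is a routine state change and is ignored.
# Host names, timestamps and the service name "AvastSvc" are assumptions.
SAMPLE_EVENTS = [
    {"host": "WS-01", "time": "2025-02-13T08:00:05", "event_id": 7031, "service": "AvastSvc"},
    {"host": "WS-01", "time": "2025-02-13T08:02:11", "event_id": 7034, "service": "AvastSvc"},
    {"host": "WS-01", "time": "2025-02-13T08:05:40", "event_id": 7031, "service": "AvastSvc"},
    {"host": "WS-02", "time": "2025-02-13T07:15:00", "event_id": 7036, "service": "AvastSvc"},
    {"host": "WS-02", "time": "2025-02-13T09:15:00", "event_id": 7031, "service": "AvastSvc"},
    {"host": "WS-03", "time": "2025-02-13T10:00:00", "event_id": 7031, "service": "Spooler"},
]

CRASH_EVENT_IDS = {7031, 7034}
MINIMUM_VPS_BUILD = 25021310  # fix build stated in the advisory


def find_recurring_crashes(events, service, threshold=2, window=timedelta(minutes=30)):
    """Return {host: max crashes seen within any `window`} for hosts at or above `threshold`.

    Only unexpected-termination events for `service` are counted, so a single
    crash or a clean restart does not raise an alert; a burst of crashes while
    the engine repeatedly re-scans the same file does.
    """
    per_host = defaultdict(list)
    for event in events:
        if event["event_id"] in CRASH_EVENT_IDS and event["service"] == service:
            per_host[event["host"]].append(datetime.fromisoformat(event["time"]))

    flagged = {}
    for host, times in per_host.items():
        times.sort()
        best, start = 0, 0
        for end in range(len(times)):
            # advance the window start until the span fits inside `window`
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[host] = best
    return flagged


def vps_is_patched(vps_build, minimum=MINIMUM_VPS_BUILD):
    """True when the reported definition build is at or above the advisory's fix build."""
    return int(vps_build) >= minimum


if __name__ == "__main__":
    for host, count in find_recurring_crashes(SAMPLE_EVENTS, "AvastSvc").items():
        print(f"{host}: {count} unexpected terminations of AvastSvc within 30 minutes")
    for build in (25021309, 25021310):
        print(f"VPS {build}: {'patched' if vps_is_patched(build) else 'needs update'}")
```

A threshold of two crashes within thirty minutes is a starting point; tune it to the fleet's baseline so that a one-off crash during an update does not page anyone while a host that is stuck crashing on the same file does. Hosts flagged by the first function that also fail the build check are the ones to prioritise for the definition update.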

Exploitation status

Public Exploit Available: false

Analyst recommendation

Security teams should ensure that the update cycle for virus definitions is strictly enforced. Because this vulnerability exists within the scanning engine itself, ordinary endpoint hardening does not address it; only the fix shipped in the named virus definition build (VPS 25021310 or newer) removes the flaw.