CVE-2022-38166

In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:f-secure:elements_endpoint_protection:-:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

29 Apr 2025, 15:15

Type Values Removed Values Added
CWE CWE-248

21 Nov 2024, 07:15

Type Values Removed Values Added
References () https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38166 - Vendor Advisory () https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38166 - Vendor Advisory

30 Nov 2022, 21:10

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CPE cpe:2.3:a:f-secure:elements_endpoint_protection:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
References (MISC) https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38166 - (MISC) https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38166 - Vendor Advisory

27 Nov 2022, 04:15

Type Values Removed Values Added
Summary In F?Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service. In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.

25 Nov 2022, 18:42

Type Values Removed Values Added
New CVE

Information

Published : 2022-11-25 15:15

Updated : 2025-04-29 15:15


NVD link : CVE-2022-38166

Mitre link : CVE-2022-38166

CVE.ORG link : CVE-2022-38166


JSON object : View

Products Affected

apple

  • macos

microsoft

  • windows

f-secure

  • elements_endpoint_protection
CWE
NVD-CWE-noinfo CWE-248

Uncaught Exception