Cisco ClamAV Anti-Malware Scanner Vulnerable to Serious Security Flaw

More particularly, a vulnerability in the ClamAV scanning library (tracked as CVE-2023-20032) created a critical security risk for Cisco’s Secure Web Appliance as well as various versions of Cisco Secure Endpoint (including Windows, MacOS, Linux, and cloud).

Cisco released an advisory on the vulnerability – alongside patches for affected products – last week. Although the vulnerability is not under active attack, patching is nonetheless recommended.

The partition scanning buffer overflow vulnerability poses a critical risk to vulnerable technologies.