Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-9033
PUBLISHED
More InfoOfficial Page
Assigner-GEN
Assigner Org ID-dbd8429d-f261-4b1e-94cc-ae3132817e2e
View Known Exploited Vulnerability (KEV) details
Published At-12 Jun, 2026 | 22:15
Updated At-12 Jun, 2026 | 22:15
Rejected At-
▼CVE Numbering Authority (CNA)
Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 3)

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.76.

Affected Products
Vendor
Gen Digital
Product
Avira Antivirus
Platforms
  • Windows
  • macOS
  • Linux
Default Status
affected
Versions
Affected
  • From 0 before 8.3.70.76 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-549CAPEC-549 Local Execution of Code
CAPEC ID: CAPEC-549
Description: CAPEC-549 Local Execution of Code
Solutions

Upgrade to Avira scan engine build 8.3.70.76 or any later engine release. Builds at or above 8.3.70.76 include the fix.

Configurations
Workarounds
Exploits
Credits
reporter
Mike Zhang, an independent security researcher
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.gendigital.com/us/en/contact-us/security-advisories/
N/A
Hyperlink: https://www.gendigital.com/us/en/contact-us/security-advisories/
Resource: N/A
Details not found