How severe is CVE-2025-20128?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2025-20128?

This is classified as CWE-122, which is a common weakness in software security.

CVE-2025-20128 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Related Vulnerabilities

CVE-2018-1120

MEDIUM

CVSS:5.3(Medium)

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cau...

CWE-1222018

CVE-2018-7519

MEDIUM

CVSS:5.3(Medium)

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow.

CWE-1222018

CVE-2022-0713

MEDIUM

CVSS:5.3(Medium)

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.

CWE-1222022

CVE-2022-1437

MEDIUM

CVSS:5.3(Medium)

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read...

CWE-1222022

CVE-2024-21596

MEDIUM

CVSS:5.3(Medium)

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of...

CWE-1222024

CVE-2024-29013

MEDIUM

CVSS:5.3(Medium)

Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.

CWE-1222024