Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
A malicious file must reach the host (AV:L) and be scanned via a user or system action (UI:R); no authentication to the AV is needed (PR:N); the engine runs with high privilege, so a successful out-of-bounds write yields full C/I/A impact.
Primary rating from Vendor (GEN).
CVSS Vector
Vendor: GEN
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Description (CVE.org)
Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executable file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.
This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.104.
Analysis (AI)
Local code execution in Avira Antivirus engine builds before 8.3.70.104 on Windows, macOS, and Linux allows attackers to trigger a heap buffer out-of-bounds write by having the engine scan a malformed MS-DOS executable. The flaw stems from an integer overflow during parsing and can also crash the antivirus engine process, with no public exploit identified at time of analysis.
Technical Context (AI)
The vulnerability lives in Avira's scanning engine (cpe:2.3:a:gen_digital:avira_antivirus), specifically the parser that processes MS-DOS executable (MZ) headers. An integer overflow occurs while computing a size or offset value from attacker-controlled fields in a crafted MZ binary, producing a smaller-than-expected heap allocation or wrap-around index that is subsequently used in a copy operation. This is a classic CWE-787 out-of-bounds write on the heap, where corrupted adjacent metadata (chunk headers, function pointers, vtables in the scan engine process) can be leveraged for control-flow hijack on Windows, macOS, and Linux engine builds prior to 8.3.70.104.
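The bug class described above, shown as an added example that is not Avira's code: the page does not disclose which MZ header fields are involved, so the relocation-count case, the function names and the strict acceptance policy here are assumptions. The narrowing helper shows how a header-derived size can wrap to a small value, and `mz_check` validates the same fields with widened arithmetic against the real buffer length before anything is allocated or copied.

```c
#include <stddef.h>
#include <stdint.h>

/* Read a little-endian 16-bit MZ header field at byte offset off. */
static uint16_t rd16(const uint8_t *p, size_t off) {
    return (uint16_t)(p[off] | (p[off + 1] << 8));
}

/* Unsafe pattern (hypothetical): product narrowed to 16 bits, so 0x4001 entries yield 4 bytes. */
uint16_t reloc_bytes_narrow(uint16_t e_crlc) {
    return (uint16_t)(e_crlc * 4u);
}

enum mz_status { MZ_OK = 0, MZ_TRUNCATED, MZ_BAD_MAGIC, MZ_BAD_SIZE, MZ_BAD_RELOC };

/* Validate header-derived sizes against the actual buffer length.
 * On MZ_OK, *reloc_bytes is the checked relocation table size in bytes. */
enum mz_status mz_check(const uint8_t *buf, size_t len, size_t *reloc_bytes) {
    if (len < 0x1C) return MZ_TRUNCATED;          /* classic MZ header is 28 bytes */
    if (rd16(buf, 0x00) != 0x5A4D) return MZ_BAD_MAGIC;

    uint64_t e_cblp    = rd16(buf, 0x02);         /* bytes used in last page */
    uint64_t e_cp      = rd16(buf, 0x04);         /* 512-byte pages in file */
    uint64_t e_crlc    = rd16(buf, 0x06);         /* relocation entries */
    uint64_t e_cparhdr = rd16(buf, 0x08);         /* header size in 16-byte paragraphs */
    uint64_t e_lfarlc  = rd16(buf, 0x18);         /* relocation table offset */

    /* Widen first, then reject values that would make the subtraction wrap. */
    if (e_cp == 0 || e_cblp > 512) return MZ_BAD_SIZE;
    uint64_t image = e_cp * 512u - (e_cblp ? 512u - e_cblp : 0u);
    uint64_t hdr   = e_cparhdr * 16u;
    if (hdr < 0x1C || hdr > image || image > len) return MZ_BAD_SIZE;

    /* Policy of this example: the relocation table must fit inside the header area. */
    uint64_t rel = e_crlc * 4u;
    if (e_lfarlc > hdr || rel > hdr - e_lfarlc) return MZ_BAD_RELOC;

    *reloc_bytes = (size_t)rel;
    return MZ_OK;
}
```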
Remediation (AI)
Vendor-released patch: Avira Antivirus engine build 8.3.70.104 or later. Update the antivirus engine on all Windows, macOS, and Linux endpoints via the standard Avira/Gen Digital update channel, and verify the engine version after the update, since product UI versions differ from engine builds. Refer to the Gen Digital security advisories page at https://www.gendigital.com/us/en/contact-us/security-advisories/ for the formal bulletin. As a temporary compensating control where an immediate update is not possible, restrict the AV from scanning untrusted/quarantine directories containing unvetted MZ executables, or disable on-access scanning of legacy MS-DOS executables. Note that this materially weakens malware coverage and should only bridge the time until the engine update propagates.
EUVD-2025-210136
GHSA-575m-c8qr-pcg3