
Avast Antivirus CVE-2025-7019

EUVD-2025-210133 · MEDIUM
Stack-based Buffer Overflow (CWE-121)
2026-06-12 · GEN · GHSA-5rmp-977f-x986
5.5 (CVSS 3.1) · Vendor: GEN

Severity by source

Vendor (GEN), primary: 5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

vuln.today AI: 5.5 MEDIUM

Local file scan trigger requires no privileges but demands user interaction; impact is strictly availability (AV process crash), with no confidentiality or integrity effect.

CVSS 3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 4.0: AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GEN).

CVSS Vector (Vendor: GEN)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

Patch available: Jun 13, 2026 - 02:00 (EUVD)
Analysis Generated: Jun 12, 2026 - 22:49 (vuln.today)
CVE Published: Jun 12, 2026 - 22:14 (cve.org)

Description (CVE.org)

Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process.

This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25020100.

The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.

Analysis (AI)

Stack overflow in Gen Digital's shared antivirus scanning engine crashes the AV process when it parses a malformed Office Open XML (OOXML) file, causing a Denial-of-Service condition. The flaw affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus across Windows, macOS, and Linux - all products that consume the same Gen Digital VPS (virus definition) update stream. No active exploitation or public exploit code has been identified at time of analysis; the impact is limited to availability (AV process crash) with no confidentiality or integrity consequences.

Technical Context (AI)

The root cause is CWE-121 (Stack-based Buffer Overflow) within the Office Open XML parsing logic embedded in Gen Digital's shared virus definition engine. OOXML is the container format used by Microsoft Office documents (.docx, .xlsx, .pptx); its complex ZIP-based structure with nested XML streams presents a large attack surface for malformed input. The vulnerable parsing code is not product-specific - it is delivered via a centralized VPS (virus pattern/signature) update stream shared across all Gen Digital consumer and business antivirus products. Affected CPEs span five product lines under the gen_digital vendor namespace: cpe:2.3:a:gen_digital:avast_antivirus, avg_antivirus, norton_antivirus, avast_one, and avast_business_antivirus - all with wildcard version ranges indicating broad version exposure prior to the definition fix.

Remediation (AI)

The primary fix is ensuring virus definitions are updated to VPS 25020100 or later. Because the vulnerable scanning logic is delivered through Gen Digital's automated VPS update stream, installations with automatic definition updates enabled will receive the fix without manual intervention - administrators should verify that endpoints are not blocking definition updates or running in offline/air-gapped mode. For environments where definition updates are managed centrally (e.g., Avast Business), confirm the VPS build version in the management console is at or above 25020100. There is no documented workaround for disabling OOXML scanning selectively without impairing protection; the recommended mitigation for air-gapped systems is to manually push the VPS 25020100 definition package via the vendor's offline update mechanism. Refer to the Gen Digital advisory at https://www.gendigital.com/us/en/contact-us/security-advisories/ for distribution-specific guidance.


CVE-2025-7019 vulnerability details – vuln.today
