
Avira Antivirus CVE-2025-9033

EUVD-2025-210135 · HIGH
Out-of-bounds Read (CWE-125)
Published 2026-06-12 · Vendor: GEN · GHSA-8v35-94r3-25g8
CVSS 3.1 base score: 7.8 (Vendor: GEN)

Severity by source

Vendor (GEN), primary: 7.8 HIGH
CVSS 3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

vuln.today AI: 6.6 MEDIUM
Rationale: AV:L/UI:R because the AV engine must scan an attacker-supplied file locally; CWE-125 is primarily a read/DoS primitive, so C:L/I:L and A:H rather than the vendor's H/H/H.
CVSS 3.1: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CVSS 4.0: AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GEN).

CVSS Vector (Vendor: GEN)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline (3 events)

Patch available: Jun 13, 2026 - 02:00 (EUVD)
Analysis Generated: Jun 12, 2026 - 23:15 (vuln.today)
CVE Published: Jun 12, 2026 - 22:15 (cve.org)

Description (source: CVE.org)

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.

This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.76.

Analysis (AI-generated)

When Avira Antivirus engine builds before 8.3.70.76 on Windows, macOS, and Linux scan a malformed PDF file, the parser performs a heap out-of-bounds read that can corrupt the antivirus engine process, which may lead to local code execution or denial of service of the engine. The vendor's CVSS 7.8 reflects high impact on confidentiality, integrity, and availability, but exploitation requires the victim to expose the engine to the attacker's file (user interaction, local attack vector). No public exploit was identified at the time of analysis.

Technical Context (AI-generated)

The flaw resides in Avira's antivirus scanning engine (cpe:2.3:a:gen_digital:avira_antivirus), which performs deep parsing of file formats including PDF to detect malware. CWE-125 (Out-of-bounds Read) here manifests as a heap buffer over-read in the PDF parsing path, meaning the parser reads beyond the bounds of an allocated heap chunk when handling a crafted PDF structure. Because the AV engine typically runs with elevated privileges (SYSTEM on Windows, root on Linux/macOS) and auto-scans files on access, untrusted file content reaches privileged parsing code, turning a parser bug into a potential privilege-relevant memory corruption primitive.

Remediation (AI-generated)

Vendor-released patch: Avira Antivirus engine build 8.3.70.76 or later. Update the engine on all Windows, macOS, and Linux endpoints. Engine updates typically ship automatically via Avira's update channel, so verify that auto-update is enabled and that the engine version reported in the product UI is at or above 8.3.70.76. Consult the Gen Digital security advisories page at https://www.gendigital.com/us/en/contact-us/security-advisories/ for the specific advisory and any product-line-specific notes.

Compensating control until the update lands: restrict the ingress of untrusted PDFs to scanned paths (block PDF attachments at the mail gateway, restrict download of PDFs from untrusted web sources via proxy policy). The trade-off is reduced user productivity for document workflows. Disabling PDF scanning in the AV engine is not recommended, because it would create a malware blind spot worse than the bug itself.
