What is CVE-2025-1367?

A critical buffer overflow vulnerability has been identified in MicroWord eScan Antivirus 7.0.32 for Linux, affecting local operations. Organizations should address this vulnerability promptly.

What is the severity of CVE-2025-1367?

CVE-2025-1367 has a severity rating of MEDIUM with a CVSS base score of 4.8.

CVE-2025-1367 | Medium Vulnerability in MicroWord eScan Antivirus

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This vulnerability allows the function sprintf of the component USB Password Handler to lead to a buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way. Risk to organizations includes potential unauthorized access to sensitive data.

The vulnerability has a CVSS score of 4.8, indicating a medium severity level. Organizations should prioritize patching immediately due to the potential risks associated with local exploitation.

Current exploitation status indicates that there is known exploit data available, although no public proof of concept (PoC) is confirmed. Security teams should remain vigilant and monitor local systems for any irregularities.

Given the nature of the vulnerability and its impacts, organizations using MicroWord eScan Antivirus must address this issue in their priority patch cycle to mitigate potential threats.

Vulnerability Details

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been classified as critical. This affects the function sprintf of the component USB Password Handler. The manipulation leads to buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way.

The CVSS score for this vulnerability is 4.8, categorized under medium severity, suggesting a local attack vector with low complexity and low privileges required. The impacts on confidentiality, integrity, and availability are also assessed as low.

Technical Analysis

The root cause of this vulnerability stems from improper handling of input within the USB Password Handler component, specifically in the sprintf function. This can allow an attacker with local access to exploit the vulnerability due to low attack complexity.

Attack complexity is assessed as low with minimal privileges required. User interaction is not necessary, thus increasing the risk of exploitation. The impacts on confidentiality, integrity, and availability are noted as low, indicating localized risks.

Risk & Impact Analysis

Real-world deployment of this vulnerability poses a risk to organizations using the affected MicroWord eScan Antivirus. The blast radius is limited to local systems, but if exploited, it could lead to unauthorized access and potential data leaks.

Organizations should assess their exposure and prioritize patching this vulnerability immediately. Given the current CVSS score of 4.8, this should be classified as a medium severity issue requiring prompt attention.

Signal	Status
Known Exploit	Yes
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected version for this vulnerability is MicroWord eScan Antivirus 7.0.32. Organizations should note that all versions prior to vendor patch are vulnerable.

Mitigation & Remediation

Organizations should prioritize patching immediately to address this vulnerability. Ensure that systems are updated to the latest version of MicroWord eScan Antivirus. If a patch is unavailable, organizations should consider implementing configuration hardening and restricting access to the affected systems.

For further assistance with security assessments, organizations may consider engaging in penetration testing to validate their security posture.

Detection Guidance

To monitor for this vulnerability, organizations should look for log indicators related to the USB Password Handler operations. Behavioral anomalies and unexpected system changes should be noted, particularly in local access contexts.

AppSecure Threat Intelligence Insight

The long-term significance of this vulnerability highlights the importance of robust security practices in local environments. It reflects a pattern where local vulnerabilities can lead to significant risks if not addressed promptly.

Security teams should prioritize proactive measures against such vulnerabilities, including regular vulnerability assessments and timely patch management.

For more insights on penetration testing methodologies, refer to our penetration testing methodology guide.

Additionally, organizations should implement effective vulnerability management programs to identify and mitigate similar risks in the future.

Lastly, leveraging API penetration testing can also help in securing applications against local vulnerabilities.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-1367: Medium Vulnerability in MicroWord eScan Antivirus