CVE-2025-7005: CWE-674 Uncontrolled Recursion in Gen Digital Avast Antivirus
CVE-2025-7005 is an uncontrolled recursion vulnerability in Gen Digital's Avast Antivirus scanning engine that can cause a denial-of-service condition when scanning a malformed Windows PE file. This affects multiple Gen Digital antivirus products on Windows, macOS, and Linux platforms using virus definition builds prior to VPS 25031700. The vulnerability does not impact confidentiality or integrity but can cause the antivirus process to crash or become unresponsive. The issue is mitigated by updating virus definitions to build VPS 25031700 or later, which are not vulnerable regardless of the product consuming the shared scanning engine.
AI Analysis
Technical Summary
This vulnerability involves uncontrolled recursion in the scanning logic of Gen Digital's antivirus engine when processing a malformed Windows PE file. The affected scanning engine is shared across several Gen Digital antivirus products, including Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on multiple operating systems. The vulnerability can lead to a denial-of-service (DoS) by causing the antivirus process to crash or hang. The virus definition update stream delivering the scanning logic is the vector for mitigation; virus definition builds at or above VPS 25031700 contain the fix. No direct patch for the antivirus software itself is indicated, as the fix is distributed through updated virus definitions.
Potential Impact
Successful exploitation results in denial-of-service of the antivirus process, potentially reducing endpoint protection availability. There is no impact on confidentiality or integrity of data. The vulnerability requires local access with low complexity and user interaction. The attack vector is local, and privileges are not required, but user interaction is necessary to trigger the scan of a malformed file.
Mitigation Recommendations
Update virus definitions to build VPS 25031700 or later to remediate this vulnerability. All installations at or above this virus definition build are not vulnerable. No additional action is required beyond ensuring virus definitions are current. Since the fix is delivered via the virus definition update stream, maintaining up-to-date definitions is the primary mitigation.
CVE-2025-7005: CWE-674 Uncontrolled Recursion in Gen Digital Avast Antivirus
Description
CVE-2025-7005 is an uncontrolled recursion vulnerability in Gen Digital's Avast Antivirus scanning engine that can cause a denial-of-service condition when scanning a malformed Windows PE file. This affects multiple Gen Digital antivirus products on Windows, macOS, and Linux platforms using virus definition builds prior to VPS 25031700. The vulnerability does not impact confidentiality or integrity but can cause the antivirus process to crash or become unresponsive. The issue is mitigated by updating virus definitions to build VPS 25031700 or later, which are not vulnerable regardless of the product consuming the shared scanning engine.
CVSS v3.1
Score 5.5medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves uncontrolled recursion in the scanning logic of Gen Digital's antivirus engine when processing a malformed Windows PE file. The affected scanning engine is shared across several Gen Digital antivirus products, including Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on multiple operating systems. The vulnerability can lead to a denial-of-service (DoS) by causing the antivirus process to crash or hang. The virus definition update stream delivering the scanning logic is the vector for mitigation; virus definition builds at or above VPS 25031700 contain the fix. No direct patch for the antivirus software itself is indicated, as the fix is distributed through updated virus definitions.
Potential Impact
Successful exploitation results in denial-of-service of the antivirus process, potentially reducing endpoint protection availability. There is no impact on confidentiality or integrity of data. The vulnerability requires local access with low complexity and user interaction. The attack vector is local, and privileges are not required, but user interaction is necessary to trigger the scan of a malformed file.
Mitigation Recommendations
Update virus definitions to build VPS 25031700 or later to remediate this vulnerability. All installations at or above this virus definition build are not vulnerable. No additional action is required beyond ensuring virus definitions are current. Since the fix is delivered via the virus definition update stream, maintaining up-to-date definitions is the primary mitigation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GEN
- Date Reserved
- 2025-07-02T07:43:53.447Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a2c871ae617e2d834ccce16
Added to database: 6/12/2026, 10:24:26 PM
Last enriched: 6/12/2026, 10:40:40 PM
Last updated: 6/13/2026, 4:19:18 AM
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.