CVE-2025-7009
Received Received - Intake
Heap Buffer Out-of-Bounds Read in Avast Antivirus

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: NortonLifeLock Inc.

Description
Heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25021310. The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-12
Last Modified
2026-06-12
Generated
2026-06-13
AI Q&A
2026-06-13
EPSS Evaluated
N/A
NVD
CVE-2025-7009
EUVD
EUVD-2025-210128
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
avast avast_antivirus to 25021310 (exc)
avast avg_antivirus to 25021310 (exc)
norton_lifelock norton_antivirus to 25021310 (exc)
avast avast_one to 25021310 (exc)
avast avast_business_antivirus to 25021310 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a heap buffer out-of-bounds read in Avast Antivirus products when scanning a malformed Windows PE file.

It occurs because the antivirus scanning logic improperly handles certain malformed files, which can lead to reading memory outside the intended buffer.

This flaw may allow local attackers to execute code or cause a denial-of-service (DoS) by crashing the antivirus process.

Impact Analysis

The vulnerability can impact you by allowing a local attacker to execute arbitrary code on your system or cause the antivirus process to crash, resulting in a denial-of-service.

This could compromise the security of your device by bypassing antivirus protections or causing interruptions in antivirus functionality.

Mitigation Strategies

To mitigate this vulnerability, ensure that your Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, or Avast Business Antivirus product is updated to virus definition build VPS 25021310 or later.

Install the latest virus definition updates delivered through the Gen Digital virus definition update stream, as installations at or above this build are not vulnerable regardless of the product consuming the stream.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-7009. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart