CVE-2025-7019
Received Received - Intake
Stack Overflow in Avast Antivirus via Malformed OOXML File

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: NortonLifeLock Inc.

Description
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus definition builds before VPS 25020100. The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine. Mitigation flows through this update channel; installations at or above the listed build are not vulnerable regardless of which product consumes the stream.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-12
Last Modified
2026-06-12
Generated
2026-06-13
AI Q&A
2026-06-13
EPSS Evaluated
N/A
NVD
CVE-2025-7019
EUVD
EUVD-2025-210133
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
avast avast_antivirus to 25020100 (exc)
avast avg_antivirus to 25020100 (exc)
norton_lifelock norton_antivirus to 25020100 (exc)
avast avast_one to 25020100 (exc)
avast avast_business_antivirus to 25020100 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stack overflow issue in Avast Antivirus products when scanning a malformed Office Open XML file. The flaw occurs in the scanning logic shared across multiple antivirus products from Gen Digital, including Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux.

The stack overflow may cause the antivirus process to crash, leading to a Denial-of-Service (DoS) condition.

Compliance Impact

The vulnerability is a stack overflow in Avast Antivirus products that may allow a denial-of-service (DoS) condition of the antivirus process when scanning a malformed Office Open XML file.

There is no information provided about any impact on data confidentiality, integrity, or availability beyond the DoS effect on the antivirus process.

Because the vulnerability does not indicate any compromise or leakage of personal or sensitive data, there is no direct information on how it affects compliance with standards like GDPR or HIPAA.

Impact Analysis

The primary impact of this vulnerability is a Denial-of-Service (DoS) condition on the antivirus process. This means that when the antivirus scans a specially crafted malformed Office Open XML file, the scanning process may crash or stop functioning.

As a result, the antivirus protection could be temporarily disabled or impaired, potentially leaving the system more vulnerable to malware or other threats during that time.

Mitigation Strategies

To mitigate this vulnerability, ensure that your Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, or Avast Business Antivirus installations are updated to virus definition builds at or above VPS 25020100.

Since the affected scanning logic is delivered through a shared Gen Digital virus definition update stream, keeping your antivirus product updated through this channel will protect you from this issue.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-7019. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart