Vulnerability in ClamAV
A CVE has been detected in the virusscanner ClamAV. I’m writing this post to notify my community because I write a lot about Synology.
Overview
Multiple vulnerabilities allow remote attackers to possibly execute arbitrary code or local users to obtain sensitive information via a susceptible version of Antivirus Essential, Synology Mail Server, and Synology MailPlus Server.
What is a CVE?
CVE stands for Common Vulnerabilities and Exposures
, a CVE provides a reference method for publicly known information security vulnerabilities and exposures. More information: Wikipedia CVE
Actions
The advice is to update the following Synology packages as soon as the update is available.
- Antivirus Essential
- Synology Mail Server
- Synology MailPlus Server
![](https://blog.tpi.local/content/images/wordpress/2023/02/2023-02-23-12_39_55-DATACORE-Synology-DiskStation.png)