PatchSiren cyber security CVE debrief
CVE-2025-7009 Gen Digital CVE debrief
A heap buffer out-of-bounds read vulnerability exists in Avast Antivirus when scanning a malformed Windows PE file. This vulnerability, tracked as CVE-2025-7009, may allow local code execution or denial of service of the antivirus process. The issue affects multiple products, including Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux, for virus definition builds before VPS 25021310.
- Vendor: Gen Digital
- Product: Avast Antivirus
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-12
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-12
- Advisory updated: 2026-06-12
Who should care
Users of Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux who have not updated to virus definition build VPS 25021310 or later should be aware of this vulnerability.
Technical summary
The vulnerability is caused by a heap buffer out-of-bounds read when scanning a malformed Windows PE file. This could allow an attacker to execute code locally or cause a denial-of-service condition in the affected antivirus process.
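The bug class described above, as an added illustration: this is not Avast's engine code, and the advisory does not say which PE field is mishandled. The function and sample names are hypothetical; the offsets follow the public PE/COFF layout. It shows the check a scanner needs before trusting any offset or size read from the file.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SAMPLE_LEN 0x200 /* size of the constructed sample image */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }

/* True when [off, off+len) lies inside n bytes; written so off+len cannot wrap. */
static int in_bounds(size_t n, size_t off, size_t len) { return off <= n && len <= n - off; }

/* Returns the section count, or -1 if any header field points outside the buffer. */
int pe_count_valid_sections(const uint8_t *buf, size_t n) {
    if (!in_bounds(n, 0, 0x40) || rd16(buf) != 0x5A4D) return -1;      /* DOS header, "MZ" */
    size_t pe = rd32(buf + 0x3C);                                        /* e_lfanew: file-controlled */
    if (!in_bounds(n, pe, 24) || rd32(buf + pe) != 0x4550) return -1;    /* "PE\0\0" + COFF header */
    size_t nsec = rd16(buf + pe + 6), optsz = rd16(buf + pe + 20);
    size_t tbl = pe + 24;
    if (!in_bounds(n, tbl, optsz) || !in_bounds(n, tbl + optsz, nsec * 40)) return -1;
    tbl += optsz;
    for (size_t i = 0; i < nsec; i++) {
        const uint8_t *sh = buf + tbl + i * 40;                          /* 40-byte section header */
        uint32_t raw_size = rd32(sh + 16), raw_ptr = rd32(sh + 20);
        if (raw_size && !in_bounds(n, raw_ptr, raw_size)) return -1;     /* raw data must be in file */
    }
    return (int)nsec;
}

/* Constructed sample: minimal image with one section header and no optional header. */
void make_sample(uint8_t *b, uint32_t raw_ptr, uint32_t raw_size) {
    memset(b, 0, SAMPLE_LEN);
    b[0] = 'M'; b[1] = 'Z'; b[0x3C] = 0x40;   /* e_lfanew = 0x40 */
    memcpy(b + 0x40, "PE\0\0", 4);
    b[0x46] = 1;                               /* NumberOfSections = 1 */
    wr32(b + 0x58 + 16, raw_size);             /* SizeOfRawData */
    wr32(b + 0x58 + 20, raw_ptr);              /* PointerToRawData */
}

int main(void) {
    uint8_t img[SAMPLE_LEN];
    make_sample(img, 0x100, 0x100);            /* section data fits in the file */
    printf("well-formed: %d\n", pe_count_valid_sections(img, sizeof img));
    make_sample(img, 0x100, 0x1000);           /* section data runs past end of file */
    printf("malformed:   %d\n", pe_count_valid_sections(img, sizeof img));
    return 0;
}
```

A parser that omits `in_bounds` and indexes the heap buffer with `raw_ptr` directly would read past the allocation on the second sample, which is the out-of-bounds read pattern this advisory names.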
Defensive priority
High
Recommended defensive actions
- Update virus definitions to build VPS 25021310 or later for Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux.
- Ensure all installations are at or above the listed build to mitigate this vulnerability.
Evidence notes
The affected scanning logic is delivered through a shared Gen Digital virus definition update stream. The same stream feeds the consumer antivirus products listed in this advisory and other Gen Digital products that embed the same engine.
Official resources
- CVE-2025-7009 CVE record (CVE.org)
- CVE-2025-7009 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference: CVE-2025-7009 was published on 2026-06-12T22:16:48.943Z.