CVE-2025-8351
Published: 01 December 2025
Summary
CVE-2025-8351 is a critical-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Gendigital (inferred from references). Its CVSS base score is 9.0 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Stealth (T1211); ranked at the 18.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-8351 is a heap-based buffer overflow and out-of-bounds read vulnerability (CWE-122, CWE-125) in Avast Antivirus on macOS. The issue arises when the software scans a malformed file, potentially leading to local code execution or denial-of-service of the antivirus engine process. It affects Avast Antivirus versions from 8.3.70.94 before 8.3.70.98 and was published on 2025-12-01T16:15:57.857 with a CVSS v3.1 base score of 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
Attackers require no privileges or user interaction and can exploit the vulnerability over the network, though it demands high attack complexity. Successful exploitation grants high-impact confidentiality, integrity, and availability violations with a changed scope, enabling local code execution within the antivirus process or denial-of-service that disrupts the engine.
Gen Digital has published a security advisory with details on mitigation, available at https://www.gendigital.com/us/en/contact-us/security-advisories/. Users should update to Avast Antivirus version 8.3.70.98 or later to address the vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-200023
Vulnerability details
Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability enables remote heap buffer overflow in Avast Antivirus on macOS for local code execution or DoS on the AV engine process, directly facilitating Exploitation for Defense Evasion and Disable or Modify Tools.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires timely flaw remediation by patching Avast Antivirus to version 8.3.70.98 or later to eliminate the heap buffer overflow and out-of-bounds read vulnerability.
Implements memory protection mechanisms such as address space randomization and data execution prevention to block exploitation of heap-based buffer overflows and out-of-bounds reads for code execution.
Mandates validation of information inputs like malformed files prior to antivirus scanning to avert triggering the buffer overflow in the engine process.