Cyber Resilience

CVE-2025-8351

Critical

Published: 01 December 2025

Published
01 December 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0006 18.4th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-8351 is a critical-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Gendigital (inferred from references). Its CVSS base score is 9.0 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Stealth (T1211); ranked at the 18.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-8351 is a heap-based buffer overflow and out-of-bounds read vulnerability (CWE-122, CWE-125) in Avast Antivirus on macOS. The issue arises when the software scans a malformed file, potentially leading to local code execution or denial-of-service of the antivirus engine process. It affects Avast Antivirus versions from 8.3.70.94 before 8.3.70.98 and was published on 2025-12-01T16:15:57.857 with a CVSS v3.1 base score of 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).

Attackers require no privileges or user interaction and can exploit the vulnerability over the network, though it demands high attack complexity. Successful exploitation grants high-impact confidentiality, integrity, and availability violations with a changed scope, enabling local code execution within the antivirus process or denial-of-service that disrupts the engine.

Gen Digital has published a security advisory with details on mitigation, available at https://www.gendigital.com/us/en/contact-us/security-advisories/. Users should update to Avast Antivirus version 8.3.70.98 or later to address the vulnerability.

EU & UK References

Vulnerability details

Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1211 Exploitation for Stealth Stealth
Adversaries may exploit vulnerabilities to evade detection by hiding activity, suppressing logging, or operating within trusted or unmonitored components.
T1685 Disable or Modify Tools Defense Impairment
Adversaries may disable, degrade, or tamper with security tools or applications (e.
Why these techniques?

Vulnerability enables remote heap buffer overflow in Avast Antivirus on macOS for local code execution or DoS on the AV engine process, directly facilitating Exploitation for Defense Evasion and Disable or Modify Tools.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-21246Shared CWE-122, CWE-125
CVE-2025-49657Shared CWE-122, CWE-125
CVE-2025-50163Shared CWE-122, CWE-125
CVE-2025-24048Shared CWE-122, CWE-125
CVE-2025-21245Shared CWE-122, CWE-125
CVE-2026-42477Shared CWE-122, CWE-125
CVE-2025-24050Shared CWE-122, CWE-125
CVE-2025-49696Shared CWE-122, CWE-125
CVE-2025-21178Shared CWE-122, CWE-125
CVE-2026-21490Shared CWE-122, CWE-125

Affected Assets

Gendigital
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely flaw remediation by patching Avast Antivirus to version 8.3.70.98 or later to eliminate the heap buffer overflow and out-of-bounds read vulnerability.

prevent

Implements memory protection mechanisms such as address space randomization and data execution prevention to block exploitation of heap-based buffer overflows and out-of-bounds reads for code execution.

prevent

Mandates validation of information inputs like malformed files prior to antivirus scanning to avert triggering the buffer overflow in the engine process.

References