This article addresses the latest vulnerability found with ClamAV (HotFix Instructions for CVE-2023-20032 and CVE-2023-20052), The Antivirus Software that is pre-installed with the RSA Authentication Manager.
RSA Customer Advisory: ClamAV Vulnerability | (CVE-2023-20032)
Overview
The CVE-2023-20032 and CVE-2023-20052 are vulnerabilities that impact a third-party virus-scanning application pre-installed with RSA Authentication Manager. If you are not using “ClamAV” on your system, this vulnerability poses no additional risk. If necessary for compliance reasons, the ClamAV package can be safely removed. If you are using ClamAV, RSA highly recommends that you follow these instructions to manually update the “ClamAV” component as soon as possible.