Cisco Secure Web Appliance DVS Engine Anti-Malware Bypass Vulnerability

Vulnerability

A vulnerability exists in the Dynamic Vectoring and Streaming (DVS) Engine of Cisco AsyncOS for Cisco Secure Web Appliance. It allows an unauthenticated, remote attacker to bypass the anti-malware scanner, enabling the download of malicious archive files. This issue arises from improper handling of certain archive files. Exploitation involves sending a crafted archive file, which should be blocked, through an affected device. Once downloaded, the malware would not execute automatically unless the end user extracted and opened the file.

Impact

Exploitation of this vulnerability could lead to the bypassing of the anti-malware scanner, allowing malware to be downloaded onto an end user workstation. The downloaded malware would require manual extraction and execution to activate.

Remediation

Users are advised to upgrade to Cisco AsyncOS for Cisco Secure Web Appliance version 15.2.5-011. Instructions for upgrading via the web interface are available in the Cisco Security Advisory.

Added: Feb 4, 2026, 6:37 PM
Updated: Feb 4, 2026, 6:37 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 0.4
exploitability: 6.3
remediation: 7.7
relevance: 2.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.