Vulnerability in F-Secure Online Scanner

F-Secure Online Scanner is a standalone antivirus tool that scans the content of the target system for malware. A single vulnerability has been found in the tool.

The vulnerability is related to handling of DLL library files. F-Secure Online Scanner loads library files from the directory where it is located. Often the tool is loaded to the download folder of the used browser. An attacker may be able to run arbitrary code in the target system by luring the target into loading a DLL file before running F-Secure Online Scanner.

  • Servers and server applications
  • Workstations and end-user applications
  • Network devices
  • Mobile communications systems
  • Embedded systems
  • Others


  • Servers and server applications
  • Workstations and end-user applications
Further information +

Attack vector

  • Remote
Further information on the access vector +


  • Execution of arbitrary commands
Further information on the impact +


  • Software update patch
Further information on the remediation +

Vulnerable software:

  • F-Secure Online Scanner

Possible solutions and restrictive measures:

Load the latest version of the software from the vendor.

Further information:

Contact Information

NCSC-FI Vulnerability Coorination can be contacted as follows:


Please quote the advisory reference [FICORA #883879] in the subject line.

+385 295 390 230
Monday - Friday 08:00 – 16:15 (EET: UTC+2)

Vulnerability Coordination
P.O. Box 313
FI-00181 Helsinki

NCSC-FI encourages those who wish to communicate via email to make use of our PGP key. The PGP key as well as the vulnerability coordination principles of NCSC-FI are available at:

Update history

Key words: Information security , CERT , Vulnerability coordination

LinkedIn Print


The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

P.O. Box 313, FI-00561 HELSINKI

Dynamicum, Erik Palménin aukio 1, 00560 HELSINKI

Media contacts by telephone +358 295 390 248