PT-2023-28385 · Withsecure · Withsecure Atlant+5
Published
2023-09-18
·
Updated
2023-09-21
·
CVE-2023-42520
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
WithSecure Client Security version 15
WithSecure Server Security version 15
WithSecure Email and Server Security version 15
WithSecure Elements Endpoint Protection versions 17 and later
WithSecure Client Security for Mac version 15
WithSecure Elements Endpoint Protection for Mac versions 17 and later
Linux Security 64 version 12.0
Linux Protection version 12.0
WithSecure Atlant version 1.0.35-1
Description
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files.
Recommendations
For WithSecure Client Security version 15, update to a fixed version when available.
For WithSecure Server Security version 15, update to a fixed version when available.
For WithSecure Email and Server Security version 15, update to a fixed version when available.
For WithSecure Elements Endpoint Protection versions 17 and later, update to a fixed version when available.
For WithSecure Client Security for Mac version 15, update to a fixed version when available.
For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a fixed version when available.
For Linux Security 64 version 12.0, update to a fixed version when available.
For Linux Protection version 12.0, update to a fixed version when available.
For WithSecure Atlant version 1.0.35-1, update to a fixed version when available.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Withsecure Atlant
Withsecure Client Security
Withsecure Client Security For Mac
Withsecure Elements Endpoint Protection
Withsecure Email/Server Security
Withsecure Server Security