PT-2023-28388 · Withsecure · Linux Security 64+7
Published
2023-09-18
·
Updated
2023-09-22
·
CVE-2023-42523
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
WithSecure Client Security version 15
WithSecure Server Security version 15
WithSecure Email and Server Security version 15
WithSecure Elements Endpoint Protection versions 17 and later
WithSecure Client Security for Mac version 15
WithSecure Elements Endpoint Protection for Mac versions 17 and later
Linux Security 64 version 12.0
Linux Protection version 12.0
WithSecure Atlant version 1.0.35-1
Description
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file.
Recommendations
For WithSecure Client Security version 15, update to a fixed version.
For WithSecure Server Security version 15, update to a fixed version.
For WithSecure Email and Server Security version 15, update to a fixed version.
For WithSecure Elements Endpoint Protection versions 17 and later, update to a fixed version.
For WithSecure Client Security for Mac version 15, update to a fixed version.
For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a fixed version.
For Linux Security 64 version 12.0, update to a fixed version.
For Linux Protection version 12.0, update to a fixed version.
For WithSecure Atlant version 1.0.35-1, update to a fixed version.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Protection
Linux Security 64
Withsecure Atlant
Withsecure Client Security
Withsecure Client Security For Mac
Withsecure Elements Endpoint Protection
Withsecure Email/Server Security
Withsecure Server Security