PT-2023-28973 · Withsecure · Withsecure Atlant+5
Published
2023-09-21
·
Updated
2024-09-25
·
CVE-2023-43766
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WithSecure Client Security version 15
WithSecure Server Security version 15
WithSecure Email and Server Security version 15
WithSecure Elements Endpoint Protection versions 17 and later
WithSecure Client Security for Mac version 15
WithSecure Elements Endpoint Protection for Mac versions 17 and later
Linux Security 64 version 12.0
Linux Protection version 12.0
WithSecure Atlant version 1.0.35-1
Description
The issue allows Local privilege escalation via the lhz archive unpack handler.
Recommendations
For WithSecure Client Security version 15, update to a version that fixes the issue.
For WithSecure Server Security version 15, update to a version that fixes the issue.
For WithSecure Email and Server Security version 15, update to a version that fixes the issue.
For WithSecure Elements Endpoint Protection versions 17 and later, update to a version that fixes the issue.
For WithSecure Client Security for Mac version 15, update to a version that fixes the issue.
For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a version that fixes the issue.
For Linux Security 64 version 12.0, update to a version that fixes the issue.
For Linux Protection version 12.0, update to a version that fixes the issue.
For WithSecure Atlant version 1.0.35-1, update to a version that fixes the issue.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Withsecure Atlant
Withsecure Client Security
Withsecure Client Security For Mac
Withsecure Elements Endpoint Protection
Withsecure Email/Server Security
Withsecure Server Security