PT-2024-20067 · Withsecure · Withsecure Client Security+3
Published
2024-02-08
·
Updated
2024-02-15
·
CVE-2024-23764
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WithSecure Client Security versions 15 and later
WithSecure Server Security versions 15 and later
WithSecure Email and Server Security versions 15 and later
WithSecure Elements Endpoint Protection versions 17 and later
Description
Certain WithSecure products allow Local Privilege Escalation. The issue affects various WithSecure security products.
Recommendations
For WithSecure Client Security versions 15 and later, update to a version that includes a fix for this issue.
For WithSecure Server Security versions 15 and later, update to a version that includes a fix for this issue.
For WithSecure Email and Server Security versions 15 and later, update to a version that includes a fix for this issue.
For WithSecure Elements Endpoint Protection versions 17 and later, update to a version that includes a fix for this issue.
As a temporary workaround, consider restricting access to sensitive resources to minimize the risk of exploitation.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Withsecure Client Security
Withsecure Elements Endpoint Protection
Withsecure Email/Server Security
Withsecure Server Security