Vulnerability Description
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Withsecure | Client Security | 15 |
| Withsecure | Elements Endpoint Protection | >= 17 |
| Withsecure | Email And Server Security | 15 |
| Withsecure | Server Security | 15 |
| Microsoft | Windows | - |
| Apple | Macos | - |
| Withsecure | Linux Protection | 12.0 |
| Withsecure | Linux Security 64 | 12.0 |
| Linux | Linux Kernel | - |
| Withsecure | Atlant | 1.0.35-1 |
Related Weaknesses (CWE)
References
- https://www.withsecure.com/en/support/security-advisoriesVendor Advisory
- https://www.withsecure.com/en/support/security-advisoriesVendor Advisory
FAQ
What is CVE-2023-42526?
CVE-2023-42526 is a vulnerability with a CVSS score of 7.5 (HIGH). Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Ema...
How severe is CVE-2023-42526?
CVE-2023-42526 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-42526?
Check the references section above for vendor advisories and patch information. Affected products include: Withsecure Client Security, Withsecure Elements Endpoint Protection, Withsecure Email And Server Security, Withsecure Server Security, Microsoft Windows.