Vulnerability Description
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F-Secure | Linux Protection | 12.0 |
| F-Secure | Linux Security 64 | 12.0 |
| Linux | Linux Kernel | - |
| F-Secure | Atlant | 1.0.35-1 |
| F-Secure | Client Security | 15.00 |
| F-Secure | Elements Endpoint Protection | >= 17.0 |
| F-Secure | Email And Server Security | 15.00 |
| F-Secure | Server Security | 15.00 |
| Microsoft | Windows | - |
| Apple | Macos | - |
Related Weaknesses (CWE)
References
- https://www.withsecure.com/en/support/security-advisoriesVendor Advisory
- https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn4Broken Link
- https://www.withsecure.com/en/support/security-advisoriesVendor Advisory
- https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn4Broken Link
FAQ
What is CVE-2023-43766?
CVE-2023-43766 is a vulnerability with a CVSS score of 7.8 (HIGH). Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server ...
How severe is CVE-2023-43766?
CVE-2023-43766 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-43766?
Check the references section above for vendor advisories and patch information. Affected products include: F-Secure Linux Protection, F-Secure Linux Security 64, Linux Linux Kernel, F-Secure Atlant, F-Secure Client Security.