CVE-2023-43760

Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
f-secureclient_security
15.00
f-secureelements_endpoint_protection
17.0 ≤
f-secureemail_and_server_security
15.00
f-secureserver_security
15.00
f-secureclient_security
15.00
f-secureelements_endpoint_protection
17.0 ≤
f-securelinux_protection
12.0
f-securelinux_security_64
12.0
f-secureatlant
1.0.35-1
𝑥
= Vulnerable software versions
References
https://www.withsecure.com/en/support/security-advisories
https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn6
https://www.withsecure.com/en/support/security-advisories
https://www.withsecure.com/en/support/security-advisories/cve-2023-nnn6