CVE-2023-42520
First published: Mon Sep 18 2023(Updated: )
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WithSecure Client Security | =15 | |
| WithSecure Elements Endpoint Protection | >=17 | |
| WithSecure Email and Server Security | =15 | |
| WithSecure Server Security | =15 | |
| Microsoft Windows | ||
| Apple macOS | ||
| WithSecure Linux Protection | =12.0 | |
| WithSecure Linux Security 64 | =12.0 | |
| Linux Linux kernel | ||
| WithSecure Atlant | =1.0.35-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-42520?
CVE-2023-42520 is a vulnerability that allows a remote crash of a scanning engine in certain WithSecure products via unpacking of crafted data files.
Which products are affected by CVE-2023-42520?
CVE-2023-42520 affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later.
What is the severity of CVE-2023-42520?
The severity of CVE-2023-42520 is high with a severity value of 7.5.
How do I fix CVE-2023-42520?
To fix CVE-2023-42520, it is recommended to update the affected WithSecure products to the latest version provided by the vendor.
Where can I find more information about CVE-2023-42520?
More information about CVE-2023-42520 can be found in the [security advisories](https://www.withsecure.com/en/support/security-advisories) on the WithSecure website.
- collector/nvd-index
- collector/nvd-api
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/withsecure
- canonical/withsecure client security
- version/withsecure client security/15
- canonical/withsecure elements endpoint protection
- version/withsecure elements endpoint protection/17
- canonical/withsecure email and server security
- version/withsecure email and server security/15
- canonical/withsecure server security
- version/withsecure server security/15
- vendor/microsoft
- canonical/microsoft windows
- vendor/apple
- canonical/apple macos
- canonical/withsecure linux protection
- version/withsecure linux protection/12.0
- canonical/withsecure linux security 64
- version/withsecure linux security 64/12.0
- vendor/linux
- canonical/linux linux kernel
- canonical/withsecure atlant
- version/withsecure atlant/1.0.35-1