CVE-2023-42524
First published: Mon Sep 18 2023(Updated: )
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WithSecure Client Security | =15 | |
| WithSecure Elements Endpoint Protection | >=17 | |
| WithSecure Email and Server Security | =15 | |
| WithSecure Server Security | =15 | |
| Microsoft Windows | ||
| Apple macOS | ||
| WithSecure Linux Protection | =12.0 | |
| WithSecure Linux Security 64 | =12.0 | |
| Linux Linux kernel | ||
| WithSecure Atlant | =1.0.35-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-42524.
Which products are affected by this vulnerability?
This vulnerability affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later.
What is the severity of CVE-2023-42524?
The severity of CVE-2023-42524 is high with a CVSS score of 7.5.
How can I fix CVE-2023-42524?
To fix CVE-2023-42524, it is recommended to update to the latest version of the affected WithSecure products.
Where can I find more information about this vulnerability?
More information about this vulnerability can be found on the WithSecure website at https://www.withsecure.com/en/support/security-advisories.
- collector/nvd-index
- collector/nvd-api
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/withsecure
- canonical/withsecure client security
- version/withsecure client security/15
- canonical/withsecure elements endpoint protection
- version/withsecure elements endpoint protection/17
- canonical/withsecure email and server security
- version/withsecure email and server security/15
- canonical/withsecure server security
- version/withsecure server security/15
- vendor/microsoft
- canonical/microsoft windows
- vendor/apple
- canonical/apple macos
- canonical/withsecure linux protection
- version/withsecure linux protection/12.0
- canonical/withsecure linux security 64
- version/withsecure linux security 64/12.0
- vendor/linux
- canonical/linux linux kernel
- canonical/withsecure atlant
- version/withsecure atlant/1.0.35-1