CVE-2023-42526
First published: Mon Sep 18 2023(Updated: )
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WithSecure Client Security | =15 | |
| WithSecure Elements Endpoint Protection | >=17 | |
| WithSecure Email and Server Security | =15 | |
| WithSecure Server Security | =15 | |
| Microsoft Windows | ||
| Apple macOS | ||
| WithSecure Linux Protection | =12.0 | |
| WithSecure Linux Security 64 | =12.0 | |
| Linux Linux kernel | ||
| WithSecure Atlant | =1.0.35-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-42526?
CVE-2023-42526 is a vulnerability that allows a remote crash of a scanning engine in certain WithSecure products via decompression of crafted data files.
Which products are affected by CVE-2023-42526?
The WithSecure products affected by CVE-2023-42526 are WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later.
How severe is CVE-2023-42526?
CVE-2023-42526 has a severity rating of 7.5, which is considered high.
How can I fix the CVE-2023-42526 vulnerability?
To fix the CVE-2023-42526 vulnerability, it is recommended to update the affected WithSecure products to the latest version provided by the vendor.
Where can I find more information about CVE-2023-42526?
For more information about CVE-2023-42526, you can visit the official security advisories page on the WithSecure website: https://www.withsecure.com/en/support/security-advisories
- collector/nvd-index
- collector/nvd-api
- agent/severity
- agent/author
- agent/description
- agent/weakness
- agent/references
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/withsecure
- canonical/withsecure client security
- version/withsecure client security/15
- canonical/withsecure elements endpoint protection
- version/withsecure elements endpoint protection/17
- canonical/withsecure email and server security
- version/withsecure email and server security/15
- canonical/withsecure server security
- version/withsecure server security/15
- vendor/microsoft
- canonical/microsoft windows
- vendor/apple
- canonical/apple macos
- canonical/withsecure linux protection
- version/withsecure linux protection/12.0
- canonical/withsecure linux security 64
- version/withsecure linux security 64/12.0
- vendor/linux
- canonical/linux linux kernel
- canonical/withsecure atlant
- version/withsecure atlant/1.0.35-1