Latest F-secure Vulnerabilities

CVE-2023-49321
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server S...
F-secure Linux Protection=12.0
F-secure Linux Security 64=12.0
Linux Linux kernel
F-Secure Atlant=1.0.35-1
F-Secure Client Security=15.00
F-secure Elements Endpoint Protection>=17.0
and 6 more
CVE-2023-49322
Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server S...
F-secure Linux Protection=12.0
F-secure Linux Security 64=12.0
Linux Linux kernel
F-Secure Atlant=1.0.35-1
F-Secure Client Security=15.00
F-secure Elements Endpoint Protection>=17.0
and 6 more
CVE-2023-43760
Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecu...
F-Secure Client Security=15.00
F-secure Elements Endpoint Protection>=17.0
F-secure Email And Server Security=15.00
F-Secure Server Security=15.00
Microsoft Windows
Apple macOS
and 4 more
CVE-2023-43761
Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elem...
F-secure Linux Protection=12.0
F-secure Linux Security 64=12.0
Linux Linux kernel
F-Secure Atlant=1.0.35-1
F-Secure Client Security=15.00
F-secure Elements Endpoint Protection>=17.0
and 4 more
CVE-2023-43766
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server ...
F-secure Linux Protection=12.0
F-secure Linux Security 64=12.0
Linux Linux kernel
F-Secure Atlant=1.0.35-1
F-Secure Client Security=15.00
F-secure Elements Endpoint Protection>=17.0
and 4 more
CVE-2023-43765
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecu...
F-secure Linux Protection=12.0
F-secure Linux Security 64=12.0
Linux Linux kernel
F-Secure Atlant=1.0.35-1
F-Secure Client Security=15.00
F-secure Elements Endpoint Protection>=17.0
and 4 more
CVE-2023-43767
Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Securi...
F-secure Linux Protection=12.0
F-secure Linux Security 64=12.0
Linux Linux kernel
F-Secure Atlant=1.0.35-1
F-Secure Client Security=15.00
F-secure Elements Endpoint Protection>=17.0
and 4 more
CVE-2022-47524
F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.
F-secure Safe<=19.1
CVE-2022-45871
A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing ICAP request. The exploit can be triggered remot...
F-Secure Atlant
CVE-2022-38166
In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerabl...
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
CVE-2022-38163
A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the a...
F-secure Safe<=19.0
F-secure Safe<=19.0
CVE-2022-38164
A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain par...
F-secure Safe<=19.0
F-secure Safe<=19.0
<=19.0
<=19.0
CVE-2022-28887
Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine cra...
F-secure Elements Endpoint Detection And Response
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
F-Secure Atlant
F-secure Internet Gatekeeper
and 2 more
CVE-2022-28886
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can cra...
F-secure Cloud Protection For Salesforce
F-secure Collaboration Protection
F-secure Elements Endpoint Protection
F-secure Internet Gatekeeper
F-Secure Linux Security
CVE-2022-28885
A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing the scanning request.
F-Secure Atlant
F-Secure Linux Security
CVE-2022-28884
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the sc...
Withsecure Business Suite
WithSecure Elements Endpoint Protection
F-secure Internet Gatekeeper
F-Secure Linux Security
CVE-2022-28883
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl unpack function crashes. This can lead to a possible scanning engine crash. The exploit can b...
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
and 3 more
CVE-2022-28882
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning ...
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
and 3 more
CVE-2022-28881
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the aerdl.dll component used in certain WithSecure products unpacker function crashes which leads to scanning engine c...
F-secure Elements Endpoint Detection And Response
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
F-Secure Atlant
F-secure Cloud Protection For Salesforce
and 4 more
CVE-2022-28880
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The e...
F-secure Elements Endpoint Detection And Response
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
F-Secure Atlant
F-secure Cloud Protection For Salesforce
and 4 more
CVE-2022-28878
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine.
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
and 3 more
CVE-2022-28879
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.
F-secure Elements Endpoint Protection
Apple macOS
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
F-secure Internet Gatekeeper
and 2 more
CVE-2022-28877
This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windo...
F-secure Elements Endpoint Protection
Microsoft Windows
CVE-2022-28876
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aeheur.dll component can crash the scanning engine. The exploit ca...
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
F-secure Internet Gatekeeper
F-Secure Linux Security
F-secure Elements Endpoint Protection
and 2 more
CVE-2022-28875
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aemobile component can crash the scanning engine. The exploit can ...
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements Collaboration Protection
F-secure Internet Gatekeeper
F-Secure Linux Security
F-secure Elements Endpoint Detection And Response
and 3 more
CVE-2022-28874
Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflo...
F-Secure Atlant
F-secure Elements Endpoint Protection
F-Secure Linux Security
Apple macOS
Microsoft Windows
Withsecure Cloud Protection For Salesforce
and 1 more
CVE-2022-28872
F-secure Safe<=19.0
CVE-2022-28873
A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.
F-secure Safe<=19.0
CVE-2022-28871
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much m...
F-Secure Atlant
Apple Mac OS X
Apple macOS
Microsoft Windows
CVE-2022-28869
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port ...
F-secure Safe<=18.6
CVE-2022-28870
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fa...
F-secure Safe<=18.6
CVE-2022-28868
An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted malicious webpage/URL, user may be tricked for a short period of time (until t...
F-secure Safe<=18.6
CVE-2021-44751
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which...
F-secure Safe<18.5
CVE-2021-44750
An arbitrary code execution vulnerability was found in the F-Secure Support Tool. A standard user can craft a special configuration file, which when run by administrator can execute any commands.
F-Secure Client Security
F-secure Countercept
F-secure Elements
F-secure Email And Server Security
F-Secure Server Security
Microsoft Windows
CVE-2021-44748
A vulnerability affecting F-Secure SAFE browser was discovered whereby browsers loads images automatically this vulnerability can be exploited remotely by an attacker to execute the JavaScript can be ...
F-secure Safe=18.5
CVE-2021-44749
A vulnerability affecting F-Secure SAFE browser protection was discovered improper URL handling can be triggered to cause universal cross-site scripting through browsing protection in a SAFE web brows...
F-secure Safe=18.5
CVE-2021-44747
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the Fmlib component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can b...
F-Secure Atlant<2022-02-23_01
F-secure Elements Endpoint Protection<2022-02-23_01
F-secure Internet Gatekeeper<=2022-02-23_01
F-Secure Linux Security<2022-02-23_01
F-secure Security Cloud<2022-02-23_01
CVE-2021-40837
A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be ...
F-Secure Atlant<2022-02-01_01
F-secure Internet Gatekeeper<2022-02-01_01
F-Secure Linux Security<2022-02-01_01
F-secure Security Cloud<2022-02-01_01
F-secure Elements Endpoint Detection And Response<2022-02-01_01
F-secure Elements Endpoint Protection<2022-02-01_01
and 2 more
CVE-2021-40835
An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malicious URL, if user does not carefully pay attention to url, user may be ...
F-secure Safe<18.3
CVE-2021-40834
A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted seemingly legitimate URL SAFE browser goes into full screen and hides...
F-secure Safe<=17.9
CVE-2021-40833
A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful at...
and 1 more
CVE-2021-33603
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can...
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-secure Elements For Microsoft 365
F-secure Internet Gatekeeper
F-Secure Linux Security
F-secure Elements Endpoint Detection And Response
and 3 more
CVE-2021-33600
F-secure Internet Gatekeeper>=5.10<=5.50.47
CVE-2021-33599
A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service (infinite loop and freezes AV engine scanner). The vulnerability can ...
F-Secure Atlant
F-secure Cloud Protection For Salesforce
F-Secure Linux Security
F-secure Elements Endpoint Protection
Apple macOS
Microsoft Windows
CVE-2021-33595
A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that...
F-secure Safe<18.4.272901
CVE-2021-33594
An address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted a malicious URL, it appears like a legitimate one on the address bar, while th...
F-secure Safe<18.4.0
CVE-2021-33596
Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requir...
F-secure Safe<18.4.272901
CVE-2021-33572
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the FSAVD component used in certain F-Secure products can crash while scanning larger packages/fuzzed files. T...
F-secure Cloud Protection For Salesforce
F-secure Elements For Microsoft 365
F-secure Endpoint Protection
F-Secure Linux Security
CVE-2020-14978
An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system...
F-secure Safe=17.7
CVE-2020-14977
An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the connecting client, which allows an attacker to perform a PID reuse attack and connect to a privileg...
F-secure Safe=17.7

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203