// For flags

CVE-2023-43767

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Ciertos productos WithSecure permiten la Denegación de Servicio a través del controlador de descompresión del archivo aepack. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2023-09-22 CVE Reserved
  • 2023-09-22 CVE Published
  • 2024-09-25 CVE Updated
  • 2024-10-24 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
F-secure
Search vendor "F-secure"
Linux Protection
Search vendor "F-secure" for product "Linux Protection"
12.0
Search vendor "F-secure" for product "Linux Protection" and version "12.0"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
--
Safe
F-secure
Search vendor "F-secure"
Linux Security 64
Search vendor "F-secure" for product "Linux Security 64"
12.0
Search vendor "F-secure" for product "Linux Security 64" and version "12.0"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
--
Safe
F-secure
Search vendor "F-secure"
Client Security
Search vendor "F-secure" for product "Client Security"
15.00
Search vendor "F-secure" for product "Client Security" and version "15.00"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
F-secure
Search vendor "F-secure"
Elements Endpoint Protection
Search vendor "F-secure" for product "Elements Endpoint Protection"
>= 17.0
Search vendor "F-secure" for product "Elements Endpoint Protection" and version " >= 17.0"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
F-secure
Search vendor "F-secure"
Email And Server Security
Search vendor "F-secure" for product "Email And Server Security"
15.00
Search vendor "F-secure" for product "Email And Server Security" and version "15.00"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
F-secure
Search vendor "F-secure"
Server Security
Search vendor "F-secure" for product "Server Security"
15.00
Search vendor "F-secure" for product "Server Security" and version "15.00"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
F-secure
Search vendor "F-secure"
Client Security
Search vendor "F-secure" for product "Client Security"
15.00
Search vendor "F-secure" for product "Client Security" and version "15.00"
-
Affected
in Apple
Search vendor "Apple"
Macos
Search vendor "Apple" for product "Macos"
--
Safe
F-secure
Search vendor "F-secure"
Elements Endpoint Protection
Search vendor "F-secure" for product "Elements Endpoint Protection"
>= 17.0
Search vendor "F-secure" for product "Elements Endpoint Protection" and version " >= 17.0"
-
Affected
in Apple
Search vendor "Apple"
Macos
Search vendor "Apple" for product "Macos"
--
Safe
F-secure
Search vendor "F-secure"
Atlant
Search vendor "F-secure" for product "Atlant"
1.0.35-1
Search vendor "F-secure" for product "Atlant" and version "1.0.35-1"
-
Affected