PigeonReporter

Multiple Vulnerabilities Found in F-Secure Products – Remote Denial of Service Risk

The French Computer Emergency Response Team (CERT-FR) has issued an advisory regarding multiple vulnerabilities discovered in F-Secure products, which could potentially lead to remote denial of service attacks.

Risk(s):

  • Remote Denial of Service

Affected Systems:

  • F-Secure Endpoint Protection for Windows without the automatic security patch 2023-09-11_07
  • F-Secure Client Security versions 15 without the automatic security patch 2023-09-11_07
  • F-Secure Server Security versions 15 without the automatic security patch 2023-09-11_07
  • F-Secure Email and Server Security versions 15 without the automatic security patch 2023-09-11_07
  • F-Secure Elements Endpoint Protection versions 17 without the automatic security patch 2023-09-11_07
  • F-Secure Endpoint Protection for Mac without the automatic security patch 2023-09-11_07
  • F-Secure Client Security for Mac versions 15 without the automatic security patch 2023-09-11_07
  • F-Secure Elements Endpoint Protection for Mac 17 without the automatic security patch 2023-09-11_07
  • F-Secure Endpoint Protection for Linux without the automatic security patch 2023-09-11_07
  • Linux Security 64 versions 12.0 without the automatic security patch 2023-09-11_07
  • Linux Protection versions 12.0 without the automatic security patch 2023-09-11_07
  • F-Secure Atlant (formerly F-Secure Atlant) versions 1.0.35-1 without the automatic security patch 2023-09-11_07

Summary: Multiple vulnerabilities have been discovered in F-Secure products, allowing an attacker to trigger remote denial of service incidents.

Solution: For information on obtaining the necessary security patches, please refer to the publisher’s security bulletin (see Documentation section).

Documentation:

  • F-Secure Security Advisory cve-2023-42526 dated September 14, 2023: Link
  • F-Secure Security Advisory cve-2023-42521 dated September 14, 2023: Link
  • F-Secure Security Advisory cve-2023-42522 dated September 14, 2023: Link
  • F-Secure Security Advisory cve-2023-42523 dated September 14, 2023: Link
  • F-Secure Security Advisory cve-2023-42524 dated September 14, 2023: Link
  • CVE Reference CVE-2023-42521: Link
  • CVE Reference CVE-2023-42522: Link
  • CVE Reference CVE-2023-42523: Link
  • CVE Reference CVE-2023-42524: Link
  • CVE Reference CVE-2023-42526: Link

https://www.cert.ssi.gouv.fr/avis/CERTFR-2023-AVI-0755/

Posted

in

by

PigeonReporter

Tags: