CVE-2023-43766
HIGHWithSecure Linux Protection 12.0 - Local Privilege Escalation via lhz Archive Unpack Handler
Title source: llmDescription
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
References (2)
Core 2
Core References
Vendor Advisory
https://www.withsecure.com/en/support/security-advisories
Scores
CVSS v3
7.8
EPSS
0.0015
EPSS Percentile
4.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-269
Status
published
Products (7)
f-secure/atlant
1.0.35-1
f-secure/client_security
15.00
f-secure/elements_endpoint_protection
17.0
f-secure/email_and_server_security
15.00
f-secure/linux_protection
12.0
f-secure/linux_security_64
12.0
f-secure/server_security
15.00
Published
Sep 22, 2023
Tracked Since
Feb 18, 2026