CVE-2024-27359

HIGH

WithSecure Products - Archive Scanner Denial of Service

Title source: llm

Description

Certain WithSecure products allow a Denial of Service because the engine scanner can go into an infinite loop when processing an archive file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

References (1)

Core 1

Core References

Various Sources

https://www.withsecure.com/en/support/security-advisories/cve-2034-n1

Scores

CVSS v3 7.5

EPSS 0.0071

EPSS Percentile 48.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-835

Status published

Published Feb 26, 2024

Tracked Since Feb 18, 2026