CVE-2023-43760
Description
Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
WithSecure products are vulnerable to denial of service via a fuzzed PE32 file, affecting multiple endpoint and server security versions.
Vulnerability
A denial of service vulnerability exists in certain WithSecure products when processing a specially crafted (fuzzed) PE32 file. The affected products include WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0, Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.
Exploitation
An attacker can cause a denial of service by providing a fuzzed PE32 file to the affected software. No special privileges or network position are mentioned; it likely requires the file to be scanned by the product. The specific mechanism involves a crash triggered by the malformed PE32 file.
Impact
Successful exploitation leads to a denial-of-service condition, potentially crashing the scanning component and disrupting protection.
Mitigation
As of the publication date (September 22, 2023), no fix or workaround has been disclosed in the available references. Users should monitor the vendor's security advisories for updates.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- WithSecure/WithSecure Client Securitydescription
- Range: 15
- Range: 15
- Range: 15
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
2News mentions
0No linked articles in our index yet.