CVE-2023-47172
Description
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Local privilege escalation vulnerability in WithSecure endpoint products allows an admin user to corrupt kernel memory and elevate privileges.
Vulnerability
WithSecure Client Security 15, Server Security 15, Email and Server Security 15, and Elements Endpoint Protection 17 and later for Microsoft Windows contain a vulnerability that allows a local user with administrator privileges to corrupt kernel memory, leading to potential local privilege escalation [1].
Exploitation
An attacker must have local access and administrator privileges on the affected system. The exploitation involves corrupting kernel memory, which may be achieved through manipulation of the affected component. No known exploits have been publicly disclosed as of the advisory publication [1].
Impact
Successful exploitation allows the attacker to escalate privileges from an administrative account to a higher level, potentially achieving SYSTEM or kernel-level access. This could lead to full compromise of the affected system [1].
Mitigation
As of the advisory date, WithSecure has not released a fix. The advisory page is being updated as additional information becomes available. Users should monitor the advisory for updates [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- WithSecure/Client Securitydescription
- Range: =15
- Range: =15
- Range: =15
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.