Local Privilege Escalation Vulnerability
On October 26, 2023, a high severity vulnerability was discovered in WithSecure Endpoint Protection solutions for Microsoft Windows.
During investigation, we found that the affected component is used in the following WithSecure™ products:
WithSecure Client Security 15 onwards
WithSecure Server Security 15 onwards
WithSecure Email and Server Security 15 onwards
WithSecure Elements Endpoint Protection 17 onwards
This vulnerability allows for a local user with administrator privileges to corrupt kernel memory, leading to potential local privilege escalation.
WithSecure is not aware of any known exploits for this vulnerability.
We will update the advisory page as additional information becomes available.