- Products
- Renew
- Articles
- Support
- Free tools
- F‑Secure Text Message CheckerCheck with AI if a text message is a scam
- F‑Secure Online Shopping CheckerCheck for free if a website is safe to buy from
- F‑Secure Identity Theft CheckerCheck if your personal information has been part of a data breach
- F‑Secure Strong Password GeneratorCreate strong passwords for free
- F‑Secure IP CheckerCheck your IP address and location
- F‑Secure Online ScannerScan and clean your PC for free
- F‑Secure Router CheckerIs your internet connection safe?
- View all free tools
- Scam protection
- My F‑Secure
Security advisories
CVE-2024-23764: Local privilege escalation vulnerability
Description
STATUS: Fixed
RISK LEVEL: Medium
FIX: No User action is required. The required fix has been published through automatic update channel with ULCore version 2023-11-28_01.
Affected products
All F‑Secure endpoint protection products for Windows
Affected platforms
Windows
More information
On October 30, 2023, a medium severity vulnerability was discovered in F-Secure Endpoint Protection solutions for Microsoft Windows.
During investigation, we found that the affected component is used in the following F-Secure products:
All F‑Secure endpoint protection products for Windows
This vulnerability allows for a local user with administrator privileges to corrupt kernel memory leading to potential local privilege escalation. F-Secure is not aware of any known exploits of this vulnerability.
This issue was reported to F-Secure through the Vulnerability Reward Program.
Credits
F-Secure would like to thank Adam Babis for bringing this issue to our attention.
LinkedIn: https://www.linkedin.com/in/adam-babis-1275462a0/
Date issued: 2024-01-31