Security Advisories

FSC-2018-1: Multiple Memory Vulnerabilities

Description

Specially crafted IPC messages on F-Secure components FSMA, FSSM and Gatekeeper can lead to denial of service or local privilege escalation.

Affected Products

Risk Level (Low/Medium/High/Cricital) Medium

Client Security Standard / Premium version 12.32 and below
Client Security Standard / Premium version 13.00
Server Security Standard / Premium version 12.11 and below
Email And Server Security Standard / Premium version 12.11 and below
PSB Workstation 12.01.283 all versions (1-7)
PSB Email And Server Security version 12.10.280 and below

Platforms

Risk Level (Low/Medium/High/Cricital) Medium

Windows

More Information

Multiple memory vulnerabilities were discovered in the FSMA, FSSM and Gatekeeper components used in certain F-Secure products. These vulnerabilities can be triggered locally by an attacker without special privileges through specially-crafted inter-process communication (IPC) messages. A successful attack will result in denial of service of the anti-virus product or can lead to privilege escalation.

This issue was reported to F-Secure through the Vulnerability Reward Program. No known attack has been observed in-the-wild at the time of the advisory release.

Mitigating Factors

An attacker would require local code execution rights for successful exploitation.

Fix Available

Product	Versions	Download
Client Security Standard/Premium	12.33	Steps to upgrade: Download the installer from: here Import installer to the Policy Manager console and then upgrade hosts with CS 12.32 using policy-based installation or by exporting the MSI package For more details, please refer to the links below: https://help.f-secure.com/product.html#business/policy-manager/13.10/en/task_59E41CAA430547F69C8241F89838425E-13.10-en https://help.f-secure.com/product.html#business/policy-manager/13.10/en/task_26D88E9EE0E947AAAC816053286A8B20-13.10-en
Client Security Standard/Premium	13.10	Steps to upgrade: Download the installer from: here Import installer to the Policy Manager console and then upgrade hosts with CS 13.00 using policy-based installation or by exporting the MSI package
Server Security Standard/Premium	12.12	Download and install from the weblink: here
Email And Server Security Standard/Premium	12.12	Download and install from the weblink: here
PSB Workstation	12.01.293	Fixed versions for PSB products will be available on PSB portal download page
PSB Email And Server Security	12.10.284	Fixed versions for PSB products will be available on PSB portal download page

Credits

F-Secure Corporation would like to thank ZombiE for bringing this issue to our attention.

Date Issued: 2018-02-01