CVE-2024-23764

CVE Database · CVE-2024-23764

CVE-2024-23764

· MEDIUMModified

CVSS v3.1

6.7

EPSS

0.17%

Published

Feb 8, 2024

Modified

May 15, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-269CWE-269

Affected Products (4)

withsecure · client_securityvulnerable

withsecure · server_securityvulnerable

withsecure · email_and_server_securityvulnerable

withsecure · elements_endpoint_protectionvulnerable

References (4)

https://www.withsecure.com/en/support/security-advisories

Product