CVE-2024-27358

WithSecure Elements for Mac Denial-of-Service (DoS) Vulnerability 

More information

It is possible for a local user to deny an administrator from installing WithSecure Mac antivirus software on macOS devices. Successful exploitation of the vulnerability can possibly lead to Deniel of Service in the system.

This issue was reported to WithSecure as a part of Internal Vulnerability Reward Program. No known exploit or attack has been seen in the wild.

WithSecure is not aware of any known exploits for this vulnerability.

Contributors

WithSecure would like to thank following person for bringing this issue to our attention.

Max Keasley

WithSecure Security Consultant (UK)

    Status

  • Fixed

    • Risk level

  • Medium

    • Action required

  • FIX No User action is required. The required fix has been published through automatic update channel for Elements agent version 24.1

    Please note : End of life date for Client Security for Mac version 15 is on 30th Sept 2024. In order to mitigate this issue admin must take action to upgrade to Client Security for Mac 16.

    • Affected products

  • All WithSecure Endpoint Protection products for Mac

    • WithSecure Elements Agent for Mac version 23.x & below
    • WithSecure Elements Client Security for Mac version 15 & below

    • Platforms

  • All supported platforms for the affected products

    • Date issued

  • 2024-07-26

Read more