HIGH🇬🇧 English

CVE-2021-37851

CVSS 7.3v3.1pub. 2022-05-11upd. 2024-11-21

Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  • Eset Endpoint Antivirus

    APP
    Eset
    6.0 – 8.0.2053.0 (bez)8.1 – 8.1.2050.0 (bez)9.0 – 9.0.2046.0 (bez)
  • Eset Endpoint Security

    APP
    Eset
    6.0 – 8.0.2053.0 (bez)8.1 – 8.1.2050.0 (bez)9.0 – 9.0.2046.0 (bez)
  • Eset File Security

    APP
    Eset
    6.0 – 8.0.12013.0 (bez)
  • Eset Internet Security

    APP
    Eset
    11.2 – 15.1.12.0 (bez)
  • Eset Mail Security

    APP
    Eset
    6.0 – 8.0.10020.0 (bez)6.0 – 8.0.14011.0 (bez)
  • Eset Nod32 Antivirus

    APP
    Eset
    11.2 – 15.1.12.0 (bez)
  • Eset Security

    APP
    Eset
    6.0 – 8.0.15009.0 (bez)
  • Eset Server Security

    APP
    Eset
    ≥ 6.08.0 – 9.0.12012.0 (bez)
  • Eset Smart Security

    APP
    Eset
    11.2 – 15.1.12.0 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
LPE
CWE
Referencje

Powiązane podatności

CVE-2020-10180CRITICAL9.8ten sam produkt

The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This ...

CVE-2024-0353HIGH7.8ten sam produkt

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to d...

CVE-2023-5594HIGH7.5ten sam produkt

Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermedia...

CVE-2023-3160HIGH7.8ten sam produkt

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to...

CVE-2023-2847HIGH7.8ten sam produkt

During internal security analysis, a local privilege escalation vulnerability has been identified. On a machi...