The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HEset Endpoint Antivirus
APPEsetwszystkie wersjeEset Endpoint Security
APPEsetwszystkie wersjeEset Internet Security
APPEsetwszystkie wersjeEset Mail Security
APPEsetwszystkie wersjeEset Nod32
APPEsetwszystkie wersjeEset Security
APPEsetwszystkie wersjeEset Server Security
APPEsetwszystkie wersjeEset Smart Security
APPEsetwszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2020-10180CRITICAL9.8ten sam produkt
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This ...
CVE-2015-8841CRITICAL9.8ten sam produkt
Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attac...
CVE-2024-0353HIGH7.8ten sam produkt
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to d...
CVE-2023-5594HIGH7.5ten sam produkt
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermedia...
CVE-2023-2847HIGH7.8ten sam produkt
During internal security analysis, a local privilege escalation vulnerability has been identified. On a machi...