← back
CVE-2024-2003

Local Privilege Escalation in Quarantine of ESET products for Windows

CVSS 7.3 HIGHEPSS 0.3%CWE-269
Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected products
ESET, spol. s r.o. · ESET Endpoint Antivirus for WindowsESET, spol. s r.o. · ESET Endpoint Security for WindowsESET, spol. s r.o. · ESET File Security for Microsoft AzureESET, spol. s r.o. · ESET Internet SecurityESET, spol. s r.o. · ESET Mail Security for IBM DominoESET, spol. s r.o. · ESET Mail Security for Microsoft Exchange ServerESET, spol. s r.o. · ESET NOD32 AntivirusESET, spol. s r.o. · ESET Safe ServerESET, spol. s r.o. · ESET Security for Microsoft SharePoint ServerESET, spol. s r.o. · ESET Security UltimateESET, spol. s r.o. · ESET Server Security for Windows ServerESET, spol. s r.o. · ESET Small Business SecurityESET, spol. s r.o. · ESET Smart Security Premium

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.eset.com/ca8674