CVE-2022-27167
Arbitrary File Deletion in ESET products for Windows
Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Produtos afetados
ESET, spol. s r.o. · ESET Endpoint AntivirusESET, spol. s r.o. · ESET Endpoint SecurityESET, spol. s r.o. · ESET File Security for Microsoft Windows ServerESET, spol. s r.o. · ESET Internet SecurityESET, spol. s r.o. · ESET Mail Security for IBM DominoESET, spol. s r.o. · ESET Mail Security for Microsoft Exchange ServerESET, spol. s r.o. · ESET NOD32 AntivirusESET, spol. s r.o. · ESET Security for Microsoft SharePoint ServerESET, spol. s r.o. · ESET Server Security for Microsoft Windows ServerESET, spol. s r.o. · ESET Smart Security PremiumQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://support.eset.com/en/ca8268