← voltar
CVE-2023-7043

Unquoted path privilege vulnerability in ESET products for Windows

CVSS 3.3 LOWEPSS 0.3%CWE-428
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Produtos afetados
ESET, spol. s r.o. · ESET Endpoint AntivirusESET, spol. s r.o. · ESET Endpoint SecurityESET, spol. s r.o. · ESET Internet SecurityESET, spol. s r.o. · ESET Mail Security for Microsoft Exchange ServerESET, spol. s r.o. · ESET NOD32 AntivirusESET, spol. s r.o. · ESET Smart Security Premium

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://support.eset.com/en/ca8602