CVE-2024-0353
Local privilege escalation in Windows products
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
ESET, spol. s r.o. · ESET Endpoint Antivirus for WindowsESET, spol. s r.o. · ESET Endpoint Security for WindowsESET, spol. s r.o. · ESET File Security for Microsoft AzureESET, spol. s r.o. · ESET Internet SecurityESET, spol. s r.o. · ESET Mail Security for IBM DominoESET, spol. s r.o. · ESET Mail Security for Microsoft Exchange ServerESET, spol. s r.o. · ESET NOD32 AntivirusESET, spol. s r.o. · ESET Security for Microsoft SharePoint ServerESET, spol. s r.o. · ESET Security UltimateESET, spol. s r.o. · ESET Server Security for Windows ServerESET, spol. s r.o. · ESET Smart Security PremiumQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://packetstormsecurity.com/files/179495/ESET-NOD32-Antivirus-17.2.7.0-Unquoted-Service-Path.htmlhttps://packetstormsecurity.com/files/182464/ESET-NOD32-Antivirus-18.0.12.0-Unquoted-Service-Path.htmlhttps://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixedhttps://www.exploit-db.com/exploits/51351https://www.exploit-db.com/exploits/51964