Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local vector and high privileges required; scope change to C because UAF in ESET kernel module crashes the OS kernel, crossing privilege boundary from application to kernel.
Primary rating from Vendor (ESET).
CVSS VectorVendor: ESET
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Use-after-free vulnerability in ESET Linux products potentially allowed an attacker to trigger kernel panic on the system
AnalysisAI
Use-after-free in ESET's Linux security product kernel components enables a local high-privileged attacker to trigger a kernel panic, causing a complete system crash and denial of service. Both ESET Endpoint Antivirus for Linux and ESET Server Security for Linux are affected across unspecified versions, per ESET's own customer advisory. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires local access to the target system and high-privilege credentials or an already-elevated process (PR:H, AV:L per CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 score of 6.7 (Medium) accurately reflects the constrained exploitation conditions. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local administrator or privileged process on a Linux host running ESET Endpoint Antivirus or ESET Server Security triggers a specific code path in the ESET kernel module that dereferences a previously freed memory region, causing an unrecoverable kernel panic and system crash. No public proof-of-concept code has been identified, so exploitation currently requires knowledge of the internal ESET kernel module code paths. … |
| Remediation | The primary remediation is to apply the patch detailed in the ESET customer advisory at https://support.eset.com/en/ca8972-eset-customer-advisory-use-after-free-vulnerability-in-eset-security-products-for-linux-fixed. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to ex
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete file
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. Rated critical
Local privilege escalation in ESET Inspect Connector for Windows lets a low-privileged local user escalate to elevated (
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or
During internal security analysis, a local privilege escalation vulnerability has been identified. Rated high severity (
ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard l
ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an u
Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. Rated high severity (CVSS 7.8)
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44903
GHSA-g4c4-fjm7-hv64