EUVD-2025-209122

| CVE-2025-3716 MEDIUM
2026-03-30 ESET GHSA-922m-q3x3-5pf9
5.3
CVSS 4.0
Share

CVSS Vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
EUVD ID Assigned
Mar 30, 2026 - 08:15 euvd
EUVD-2025-209122
Analysis Generated
Mar 30, 2026 - 08:15 vuln.today
CVE Published
Mar 30, 2026 - 07:30 nvd
MEDIUM 5.3

Tags

Information Disclosure

Description

User enumeration in ESET Protect (on-prem) via Response Timing.

Analysis

ESET Protect (on-premises) allows user enumeration through response timing analysis, enabling remote attackers to determine whether specific usernames exist in the system without authentication. This information disclosure vulnerability (CWE-204) exploits timing differences in authentication responses to distinguish valid users from invalid ones, potentially facilitating targeted attacks against known accounts.

Technical Context

This vulnerability exploits timing side-channels in the authentication mechanism of ESET Protect on-premises deployments. CWE-204 (Observable Timing Discrepancy) describes the root cause: the application returns responses at different speeds depending on whether a queried username is valid, leaking information through observable timing variations. This is a classic information disclosure issue where the application fails to implement constant-time comparison operations or uniform response delays across valid and invalid user lookups. The vulnerability affects the on-premises version of ESET Protect (cpe:2.3:a:eset,_spol._s.r.o:eset_protect_(on-prem):*) across versions, indicating a systemic authentication design weakness rather than a narrow version-specific defect.

Affected Products

ESET Protect (on-premises) is affected across all versions, as indicated by the CPE string cpe:2.3:a:eset,_spol._s.r.o:eset_protect_(on-prem):*. The vulnerability applies to on-premises deployments only; cloud-hosted variants may not be affected. Specific version boundaries have not been disclosed in available sources, suggesting the issue may affect a wide range of on-premises installations.

Remediation

Vendors and administrators should implement constant-time authentication response mechanisms to eliminate timing discrepancies between valid and invalid username lookups. Refer to the ESET Protect changelog (https://help.eset.com/changelogs/?product=protect&lang=en-US) for patched versions. Organizations should apply the latest security updates from ESET as they become available. As an interim control, rate-limiting and account lockout mechanisms on authentication endpoints can reduce the feasibility of active enumeration attacks. Network-level controls such as WAF rules to detect rapid authentication probing may also mitigate the risk.

Priority Score

27
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +26
POC: 0

Share

EUVD-2025-209122 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy