Cyber Security
Monthly
During internal security analysis, a local privilege escalation vulnerability has been identified. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
During internal security analysis, a local privilege escalation vulnerability has been identified. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.