Skip to main content

Eset

20 CVEs product

Monthly

CVE-2024-6654 MEDIUM This Month

Products for macOS enables a user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Eset Information Disclosure
NVD
CVSS 4.0
6.8
EPSS
0.2%
CVE-2024-7400 HIGH This Week

The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Eset Information Disclosure Microsoft
NVD
CVSS 4.0
8.5
EPSS
0.2%
CVE-2024-3779 MEDIUM This Month

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Denial Of Service Internet Security Nod32 +6
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-2003 HIGH This Week

Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2024-0353 HIGH POC This Week

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Eset Endpoint Antivirus Endpoint Security File Security +6
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-3160 HIGH This Week

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Endpoint Antivirus Endpoint Security Internet Security +5
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-2847 HIGH This Week

During internal security analysis, a local privilege escalation vulnerability has been identified. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Cyber Security Endpoint Antivirus Server Security
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-27167 HIGH This Week

Privilege escalation vulnerability in Windows products of ESET, spol. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Microsoft Eset Endpoint Antivirus +8
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-0615 HIGH This Week

Use-after-free in eset_rtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Eset Information Disclosure Endpoint Antivirus +1
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-37850 MEDIUM This Month

ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Eset Cyber Security Endpoint Antivirus +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-11446 HIGH This Week

ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Eset Privilege Escalation Antivirus And Antispyware Endpoint Antivirus Endpoint Security +5
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-10193 HIGH This Week

ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass Apple Cyber Security +5
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-10180 CRITICAL Act Now

The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass Apple Cyber Security +4
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-9264 MEDIUM This Month

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass Apple Cyber Security +5
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2019-16519 HIGH This Week

ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Apple Cyber Security Endpoint Antivirus +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2018-0649 HIGH This Week

Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Eset Information Disclosure Compusec Deslock Pro Internet Security +3
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2016-9892 MEDIUM POC This Month

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Eset Apple RCE Endpoint Antivirus Endpoint Security
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2015-8841 CRITICAL POC THREAT Emergency

Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to execute arbitrary code via a large number of languages in an EPOC installation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.4%.

Memory Corruption Eset Buffer Overflow RCE Nod32
NVD
CVSS 3.1
9.8
EPSS
16.4%
Threat
4.0
CVE-2014-4974 LOW Monitor

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Eset Information Disclosure Personal Firewall Ndis Filter
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2014-4973 MEDIUM POC This Month

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Eset Information Disclosure Smart Security Endpoint Security
NVD
CVSS 2.0
6.9
EPSS
0.1%
EPSS 0% CVSS 6.8
MEDIUM This Month

Products for macOS enables a user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Eset Information Disclosure
NVD
EPSS 0% CVSS 8.5
HIGH This Week

The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Eset Information Disclosure Microsoft
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Denial Of Service +8
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Eset Endpoint Antivirus +8
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Endpoint Antivirus +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

During internal security analysis, a local privilege escalation vulnerability has been identified. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Cyber Security +2
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Privilege escalation vulnerability in Windows products of ESET, spol. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Microsoft +10
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Use-after-free in eset_rtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Eset +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Eset +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Eset Privilege Escalation Antivirus And Antispyware +7
NVD
EPSS 1% CVSS 7.5
HIGH This Week

ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass +7
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass +6
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Apple +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Eset Information Disclosure Compusec +5
NVD
EPSS 0% CVSS 5.9
MEDIUM POC This Month

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Eset Apple RCE +2
NVD
EPSS 16% 4.0 CVSS 9.8
CRITICAL POC THREAT Emergency

Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to execute arbitrary code via a large number of languages in an EPOC installation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.4%.

Memory Corruption Eset Buffer Overflow +2
NVD
EPSS 0% CVSS 2.1
LOW Monitor

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Eset Information Disclosure Personal Firewall Ndis Filter
NVD
EPSS 0% CVSS 6.9
MEDIUM POC This Month

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Eset Information Disclosure Smart Security +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy