Skip to main content

Smart Security

11 CVEs product

Monthly

CVE-2024-3779 MEDIUM This Month

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Denial Of Service Internet Security Nod32 +6
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0353 HIGH POC This Week

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Eset Endpoint Antivirus Endpoint Security File Security +6
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-5594 HIGH This Week

Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Endpoint Antivirus Endpoint Security File Security Internet Security +5
NVD
CVSS 3.1
8.6
EPSS
0.4%
CVE-2023-3160 HIGH This Week

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Endpoint Antivirus Endpoint Security Internet Security +5
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-27167 HIGH This Week

Privilege escalation vulnerability in Windows products of ESET, spol. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Microsoft Eset Endpoint Antivirus +8
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2020-11446 HIGH This Week

ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Eset Privilege Escalation Antivirus And Antispyware Endpoint Antivirus Endpoint Security +5
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-10193 HIGH This Week

ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass Apple Cyber Security +5
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-10180 CRITICAL Act Now

The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass Apple Cyber Security +4
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-9264 MEDIUM This Month

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass Apple Cyber Security +5
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2018-0649 HIGH This Week

Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Eset Information Disclosure Compusec Deslock Pro Internet Security +3
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2014-4973 MEDIUM POC This Month

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Eset Information Disclosure Smart Security Endpoint Security
NVD
CVSS 2.0
6.9
EPSS
0.1%
EPSS 0% CVSS 5.5
MEDIUM This Month

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Denial Of Service +8
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Eset Endpoint Antivirus +8
NVD Exploit-DB
EPSS 0% CVSS 8.6
HIGH This Week

Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Endpoint Antivirus Endpoint Security +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Eset Endpoint Antivirus +7
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Privilege escalation vulnerability in Windows products of ESET, spol. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Microsoft +10
NVD
EPSS 0% CVSS 7.8
HIGH This Week

ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Eset Privilege Escalation Antivirus And Antispyware +7
NVD
EPSS 1% CVSS 7.5
HIGH This Week

ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass +7
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass +6
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Eset Authentication Bypass +7
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Eset Information Disclosure Compusec +5
NVD
EPSS 0% CVSS 6.9
MEDIUM POC This Month

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Eset Information Disclosure Smart Security +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy