A critical privilege escalation vulnerability calls into question the effectiveness of a popular security solution.
ESET, a cybersecurity company, recently fixed a critical vulnerability in a number of its antivirus products for the Windows operating system. The bug, designated CVE-2024-0353 and rated 7.8 on the CVSS scale, is related to the possibility of local privilege escalation.
The vulnerability was discovered thanks to the Zero Day Initiative (ZDI) and implies abuse of file operations of ESET products performed by the real-time file system protection system. Successful exploitation of the vulnerability allows potential attackers to delete user files without the appropriate permission.
The list of software affected by this vulnerability includes the following products:
The company has released security updates for all of the above products, with the exception of those whose support period has already expired. ESET strongly recommends that users update their software as soon as possible.
Vulnerabilities in security solutions pose a particular threat, since such programs have high privileges and enjoy the unconditional trust of ordinary users.
It is worth noting that in December, ESET already fixed another vulnerability in its products-CVE-2023-5594 (CVSS score 7.5), affecting the function of scanning protected traffic. Its successful operation allowed web browsers to trust websites with certificates signed by outdated and insecure algorithms.
ESET, a cybersecurity company, recently fixed a critical vulnerability in a number of its antivirus products for the Windows operating system. The bug, designated CVE-2024-0353 and rated 7.8 on the CVSS scale, is related to the possibility of local privilege escalation.
The vulnerability was discovered thanks to the Zero Day Initiative (ZDI) and implies abuse of file operations of ESET products performed by the real-time file system protection system. Successful exploitation of the vulnerability allows potential attackers to delete user files without the appropriate permission.
The list of software affected by this vulnerability includes the following products:
- ESET NOD32 Antivirus, Internet Security, Smart Security Premium, Security Ultimate 16.2.15.0 and earlier versions;
- ESET Endpoint Antivirus for Windows and Endpoint Security for Windows 10.1.2058.0, 10.0.2049.0, 9.1.2066.0, 8.1.2052.0 and earlier versions from the corresponding version family;
- ESET Server Security for Windows Server 10.0.12014.0, 9.0.12018.0, 8.0.12015.0, 7.3.12011.0 and earlier versions from the corresponding version family;
- ESET Mail Security for Microsoft Exchange Server 10.1.10010.0, 10.0.10017.0, 9.0.10011.0, 8.0.10022.0, 7.3.10014.0 and earlier versions from the corresponding version family;
- ESET Mail Security for IBM Domino 10.0.14006.0, 9.0.14007.0, 8.0.14010.0, 7.3.14004.0 and earlier versions from the corresponding version family;
- ESET Security for Microsoft SharePoint Server 10.0.15004.0, 9.0.15005.0, 8.0.15011.0, 7.3.15004.0 and earlier versions from the corresponding version family;
- ESET File Security for Microsoft Azure (all versions).
The company has released security updates for all of the above products, with the exception of those whose support period has already expired. ESET strongly recommends that users update their software as soon as possible.
Vulnerabilities in security solutions pose a particular threat, since such programs have high privileges and enjoy the unconditional trust of ordinary users.
It is worth noting that in December, ESET already fixed another vulnerability in its products-CVE-2023-5594 (CVSS score 7.5), affecting the function of scanning protected traffic. Its successful operation allowed web browsers to trust websites with certificates signed by outdated and insecure algorithms.
