CVE-2021-37852
LPE in ESET products for Windows
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\SYSTEM.
Los productos de ESET para Windows permiten a un proceso no confiable hacerse pasar por el cliente de una tuberÃa, lo que puede ser aprovechado por un atacante para escalar privilegios en el contexto de NT AUTHORITY\SYSTEM
This vulnerability allows local attackers to escalate privileges on affected installations of ESET Endpoint Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the use of named pipes. The issue results from allowing an untrusted process to impersonate the client of a pipe. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
*Credits:
Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-08-02 CVE Reserved
- 2022-01-31 CVE Published
- 2023-09-02 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-269: Improper Privilege Management
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-22-148 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Eset Search vendor "Eset" | Endpoint Antivirus Search vendor "Eset" for product "Endpoint Antivirus" | >= 6.6.2046.0 < 7.3.2055.0 Search vendor "Eset" for product "Endpoint Antivirus" and version " >= 6.6.2046.0 < 7.3.2055.0" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Endpoint Antivirus Search vendor "Eset" for product "Endpoint Antivirus" | >= 8.0 < 8.0.2028.3 Search vendor "Eset" for product "Endpoint Antivirus" and version " >= 8.0 < 8.0.2028.3" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Endpoint Antivirus Search vendor "Eset" for product "Endpoint Antivirus" | >= 8.1 < 8.1.2031.4 Search vendor "Eset" for product "Endpoint Antivirus" and version " >= 8.1 < 8.1.2031.4" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Endpoint Antivirus Search vendor "Eset" for product "Endpoint Antivirus" | >= 9.0 < 9.0.2032.6 Search vendor "Eset" for product "Endpoint Antivirus" and version " >= 9.0 < 9.0.2032.6" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Endpoint Security Search vendor "Eset" for product "Endpoint Security" | >= 6.6.2046.0 < 7.3.2055.0 Search vendor "Eset" for product "Endpoint Security" and version " >= 6.6.2046.0 < 7.3.2055.0" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Endpoint Security Search vendor "Eset" for product "Endpoint Security" | >= 8.0 < 8.0.2028.3 Search vendor "Eset" for product "Endpoint Security" and version " >= 8.0 < 8.0.2028.3" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Endpoint Security Search vendor "Eset" for product "Endpoint Security" | >= 8.1 < 8.1.2031.4 Search vendor "Eset" for product "Endpoint Security" and version " >= 8.1 < 8.1.2031.4" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Endpoint Security Search vendor "Eset" for product "Endpoint Security" | >= 9.0 < 9.0.2032.6 Search vendor "Eset" for product "Endpoint Security" and version " >= 9.0 < 9.0.2032.6" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | File Security Search vendor "Eset" for product "File Security" | >= 7.0.12014.0 <= 7.3.12006.0 Search vendor "Eset" for product "File Security" and version " >= 7.0.12014.0 <= 7.3.12006.0" | windows_server |
Affected
| ||||||
| Eset Search vendor "Eset" | Internet Security Search vendor "Eset" for product "Internet Security" | >= 10.0.337.1 < 15.0.18.0 Search vendor "Eset" for product "Internet Security" and version " >= 10.0.337.1 < 15.0.18.0" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Mail Security Search vendor "Eset" for product "Mail Security" | >= 7.0.10019 < 7.3.10014.0 Search vendor "Eset" for product "Mail Security" and version " >= 7.0.10019 < 7.3.10014.0" | exchange_server |
Affected
| ||||||
| Eset Search vendor "Eset" | Mail Security Search vendor "Eset" for product "Mail Security" | >= 7.0.14008.0 < 7.3.14003.0 Search vendor "Eset" for product "Mail Security" and version " >= 7.0.14008.0 < 7.3.14003.0" | domino |
Affected
| ||||||
| Eset Search vendor "Eset" | Mail Security Search vendor "Eset" for product "Mail Security" | >= 8.0 < 8.0.14006.0 Search vendor "Eset" for product "Mail Security" and version " >= 8.0 < 8.0.14006.0" | domino |
Affected
| ||||||
| Eset Search vendor "Eset" | Mail Security Search vendor "Eset" for product "Mail Security" | >= 8.0.10012.0 < 8.0.10018.0 Search vendor "Eset" for product "Mail Security" and version " >= 8.0.10012.0 < 8.0.10018.0" | exchange_server |
Affected
| ||||||
| Eset Search vendor "Eset" | Nod32 Antivirus Search vendor "Eset" for product "Nod32 Antivirus" | >= 10.0.337.1 <= 15.0.18.0 Search vendor "Eset" for product "Nod32 Antivirus" and version " >= 10.0.337.1 <= 15.0.18.0" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Security Search vendor "Eset" for product "Security" | >= 7.0.15008.0 <= 8.0.15004.0 Search vendor "Eset" for product "Security" and version " >= 7.0.15008.0 <= 8.0.15004.0" | sharepoint |
Affected
| ||||||
| Eset Search vendor "Eset" | Server Security Search vendor "Eset" for product "Server Security" | >= 7.0.12016.1002 <= 7.2.12004.1000 Search vendor "Eset" for product "Server Security" and version " >= 7.0.12016.1002 <= 7.2.12004.1000" | azure |
Affected
| ||||||
| Eset Search vendor "Eset" | Server Security Search vendor "Eset" for product "Server Security" | 8.0.12003.0 Search vendor "Eset" for product "Server Security" and version "8.0.12003.0" | windows_server |
Affected
| ||||||
| Eset Search vendor "Eset" | Server Security Search vendor "Eset" for product "Server Security" | 8.0.12003.1 Search vendor "Eset" for product "Server Security" and version "8.0.12003.1" | windows_server |
Affected
| ||||||
| Eset Search vendor "Eset" | Smart Security Search vendor "Eset" for product "Smart Security" | >= 10.0.337.1 <= 15.0.18.0 Search vendor "Eset" for product "Smart Security" and version " >= 10.0.337.1 <= 15.0.18.0" | windows |
Affected
| ||||||
| Eset Search vendor "Eset" | Smart Security Search vendor "Eset" for product "Smart Security" | >= 10.0.337.1 <= 15.0.18.0 Search vendor "Eset" for product "Smart Security" and version " >= 10.0.337.1 <= 15.0.18.0" | premium, windows |
Affected
| ||||||