CVE-2024-3779

Denial of Service in ESET products for Windows

Severity Score

6.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.

*Credits: N/A

CVSS Scores

ESETv3.1 6.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-04-15 CVE Reserved
2024-07-16 CVE Published
2024-07-17 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-276: Incorrect Default Permissions

CAPEC

CAPEC-578: Disable Security Software

References (1)

URL	Tag	Source
https://support.eset.com/en/ca8688

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
ESET S.r.o Search vendor "ESET S.r.o"		ESET NOD32 Antivirus Search vendor "ESET S.r.o" for product "ESET NOD32 Antivirus"				<= 17.1.13.0 Search vendor "ESET S.r.o" for product "ESET NOD32 Antivirus" and version " <= 17.1.13.0"		en		Affected
ESET S.r.o Search vendor "ESET S.r.o"		ESET Internet Security Search vendor "ESET S.r.o" for product "ESET Internet Security"				<= 17.1.13.0 Search vendor "ESET S.r.o" for product "ESET Internet Security" and version " <= 17.1.13.0"		en		Affected
ESET S.r.o Search vendor "ESET S.r.o"		ESET Smart Security Premium Search vendor "ESET S.r.o" for product "ESET Smart Security Premium"				<= 17.1.13.0 Search vendor "ESET S.r.o" for product "ESET Smart Security Premium" and version " <= 17.1.13.0"		en		Affected
ESET S.r.o Search vendor "ESET S.r.o"		ESET Security Ultimate Search vendor "ESET S.r.o" for product "ESET Security Ultimate"				<= 17.1.13.0 Search vendor "ESET S.r.o" for product "ESET Security Ultimate" and version " <= 17.1.13.0"		en		Affected
ESET S.r.o Search vendor "ESET S.r.o"		ESET Endpoint Antivirus For Windows Search vendor "ESET S.r.o" for product "ESET Endpoint Antivirus For Windows"				<= 11.0.2044.0 Search vendor "ESET S.r.o" for product "ESET Endpoint Antivirus For Windows" and version " <= 11.0.2044.0"		en		Affected
ESET S.r.o Search vendor "ESET S.r.o"		ESET Endpoint Security For Windows Search vendor "ESET S.r.o" for product "ESET Endpoint Security For Windows"				<= 11.0.2044.0 Search vendor "ESET S.r.o" for product "ESET Endpoint Security For Windows" and version " <= 11.0.2044.0"		en		Affected
ESET S.r.o Search vendor "ESET S.r.o"		ESET Server Security For Windows Server Search vendor "ESET S.r.o" for product "ESET Server Security For Windows Server"				<= 11.0.12011.0 Search vendor "ESET S.r.o" for product "ESET Server Security For Windows Server" and version " <= 11.0.12011.0"		en		Affected
ESET S.r.o Search vendor "ESET S.r.o"		ESET Mail Security For Microsoft Exchange Server Search vendor "ESET S.r.o" for product "ESET Mail Security For Microsoft Exchange Server"				<= 11.0.10005.0 Search vendor "ESET S.r.o" for product "ESET Mail Security For Microsoft Exchange Server" and version " <= 11.0.10005.0"		en		Affected
ESET S.r.o Search vendor "ESET S.r.o"		ESET Security For Microsoft SharePoint Server Search vendor "ESET S.r.o" for product "ESET Security For Microsoft SharePoint Server"				<= 11.0.15002.0 Search vendor "ESET S.r.o" for product "ESET Security For Microsoft SharePoint Server" and version " <= 11.0.15002.0"		en		Affected