CVE-2024-7400
Local privilege escalation in ESET products for Windows
Severity Score
8.5
*CVSS v4
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
System
Vulnerable | Subsequent
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-08-02 CVE Reserved
- 2024-09-27 CVE Published
- 2024-09-27 CVE Updated
- 2024-09-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-1386: Insecure Operation on Windows Junction / Mount Point
CAPEC
- CAPEC-233: Privilege Escalation
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET NOD32 Antivirus Search vendor "ESET, Spol. S R.o." for product "ESET NOD32 Antivirus" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET NOD32 Antivirus" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Internet Security Search vendor "ESET, Spol. S R.o." for product "ESET Internet Security" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Internet Security" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Smart Security Premium Search vendor "ESET, Spol. S R.o." for product "ESET Smart Security Premium" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Smart Security Premium" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Security Ultimate Search vendor "ESET, Spol. S R.o." for product "ESET Security Ultimate" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Security Ultimate" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Small Business Security Search vendor "ESET, Spol. S R.o." for product "ESET Small Business Security" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Small Business Security" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Safe Server Search vendor "ESET, Spol. S R.o." for product "ESET Safe Server" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Safe Server" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Endpoint Antivirus Search vendor "ESET, Spol. S R.o." for product "ESET Endpoint Antivirus" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Endpoint Antivirus" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Endpoint Security For Windows Search vendor "ESET, Spol. S R.o." for product "ESET Endpoint Security For Windows" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Endpoint Security For Windows" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Server Security For Windows Server Search vendor "ESET, Spol. S R.o." for product "ESET Server Security For Windows Server" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Server Security For Windows Server" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Mail Security For Microsoft Exchange Server Search vendor "ESET, Spol. S R.o." for product "ESET Mail Security For Microsoft Exchange Server" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Mail Security For Microsoft Exchange Server" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Mail Security For IBM Domino Search vendor "ESET, Spol. S R.o." for product "ESET Mail Security For IBM Domino" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Mail Security For IBM Domino" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET Security For Microsoft SharePoint Server Search vendor "ESET, Spol. S R.o." for product "ESET Security For Microsoft SharePoint Server" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET Security For Microsoft SharePoint Server" and version " <= 1250" | en |
Affected
| ||||||
| ESET, Spol. S R.o. Search vendor "ESET, Spol. S R.o." | ESET File Security For Microsoft Azure Search vendor "ESET, Spol. S R.o." for product "ESET File Security For Microsoft Azure" | <= 1250 Search vendor "ESET, Spol. S R.o." for product "ESET File Security For Microsoft Azure" and version " <= 1250" | en |
Affected
| ||||||