ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\SYSTEM.
2022-02-09T06:15:06.990
2024-11-21T06:15:58.793
Modified
CVSSv3.1: 7.8 (HIGH)
AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | eset | endpoint_antivirus | < 7.3.2055.0 | Yes |
| Application | eset | endpoint_antivirus | < 8.0.2028.3 | Yes |
| Application | eset | endpoint_antivirus | < 8.1.2031.4 | Yes |
| Application | eset | endpoint_antivirus | < 9.0.2032.6 | Yes |
| Application | eset | endpoint_security | < 7.3.2055.0 | Yes |
| Application | eset | endpoint_security | < 8.0.2028.3 | Yes |
| Application | eset | endpoint_security | < 8.1.2031.4 | Yes |
| Application | eset | endpoint_security | < 9.0.2032.6 | Yes |
| Application | eset | file_security | ≤ 7.3.12006.0 | Yes |
| Application | eset | internet_security | < 15.0.18.0 | Yes |
| Application | eset | mail_security | < 7.3.10014.0 | Yes |
| Application | eset | mail_security | < 7.3.14003.0 | Yes |
| Application | eset | mail_security | < 8.0.14006.0 | Yes |
| Application | eset | mail_security | < 8.0.10018.0 | Yes |
| Application | eset | nod32_antivirus | ≤ 15.0.18.0 | Yes |
| Application | eset | security | ≤ 8.0.15004.0 | Yes |
| Application | eset | server_security | ≤ 7.2.12004.1000 | Yes |
| Application | eset | server_security | 8.0.12003.0 | Yes |
| Application | eset | server_security | 8.0.12003.1 | Yes |
| Application | eset | smart_security | ≤ 15.0.18.0 | Yes |
| Application | eset | smart_security | ≤ 15.0.18.0 | Yes |