Vulnerability Description
ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eset | Cyber Security | < 1294 |
| Eset | Internet Security | < 1294 |
| Eset | Mobile Security | < 1294 |
| Eset | Nod32 Antivirus | < 4 |
| Eset | Smart Security | < 1294 |
| Eset | Smart Tv Security | < 1294 |
Related Weaknesses (CWE)
References
- https://blog.zoller.lu/p/from-low-hanging-fruit-department_13.htmlThird Party Advisory
- https://blog.zoller.lu/p/from-low-hanging-fruit-department_13.htmlThird Party Advisory
FAQ
What is CVE-2020-10193?
CVE-2020-10193 is a vulnerability with a CVSS score of 7.5 (HIGH). ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Secur...
How severe is CVE-2020-10193?
CVE-2020-10193 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-10193?
Check the references section above for vendor advisories and patch information. Affected products include: Eset Cyber Security, Eset Internet Security, Eset Mobile Security, Eset Nod32 Antivirus, Eset Smart Security.