CVE-2020-26941 — MEDIUM (5.5)

Q: How severe is CVE-2020-26941?

CVE-2020-26941 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-26941?

Check the references section above for vendor advisories and patch information. Affected products include: Eset Endpoint Antivirus, Eset Endpoint Security, Eset File Security, Eset Internet Security, Eset Mail Security.

Vulnerability Description

A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Security Premium versions 13.2 and lower; ESET Endpoint Antivirus, ESET Endpoint Security, ESET NOD32 Antivirus Business Edition, ESET Smart Security Business Edition versions 7.3 and lower; ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Kerio, ESET Security for Microsoft SharePoint Server versions 7.2 and lower.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Eset	Endpoint Antivirus	<= 7.3
Eset	Endpoint Security	<= 7.3
Eset	File Security	<= 7.2
Eset	Internet Security	<= 13.2
Eset	Mail Security	<= 7.2
Eset	Nod32 Antivirus	<= 7.3
Eset	Security	<= 7.2
Eset	Smart Security	<= 7.3

Related Weaknesses (CWE)

CWE-276

References

https://support.eset.com/en/ca7794-local-privilege-escalation-vulnerability-fixeVendor Advisory
https://support.eset.com/en/ca7794-local-privilege-escalation-vulnerability-fixeVendor Advisory

FAQ

What is CVE-2020-26941?

CVE-2020-26941 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possi...

How severe is CVE-2020-26941?

CVE-2020-26941 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-26941?

Check the references section above for vendor advisories and patch information. Affected products include: Eset Endpoint Antivirus, Eset Endpoint Security, Eset File Security, Eset Internet Security, Eset Mail Security.