1. Home
  2. CVE Database
  3. CVE-2023-2847
HIGH · 7.8

CVE-2023-2847

During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privile...

Vulnerability Description

During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privileges due to improper privilege management to trigger actions with root privileges. ESET remedied this possible attack vector and has prepared new builds of its products that are no longer susceptible to this vulnerability.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
EsetCyber Security>= 7.3.0, < 7.3.3700.0
EsetEndpoint Antivirus< 8.1.12.0
EsetServer Security< 8.1.823.0

Related Weaknesses (CWE)

CWE-269

References

FAQ

What is CVE-2023-2847?

CVE-2023-2847 is a vulnerability with a CVSS score of 7.8 (HIGH). During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privile...

How severe is CVE-2023-2847?

CVE-2023-2847 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-2847?

Check the references section above for vendor advisories and patch information. Affected products include: Eset Cyber Security, Eset Endpoint Antivirus, Eset Server Security.