Vulnerability Description
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eset | Endpoint Antivirus | < 8.1.2062.0 |
| Eset | Endpoint Security | < 8.1.2062.0 |
| Eset | File Security | All versions |
| Eset | Internet Security | < 17.0.10.0 |
| Eset | Mail Security | < 7.3.10018.0 |
| Eset | Nod32 Antivirus | < 17.0.10.0 |
| Eset | Security | < 7.3.15006.0 |
| Eset | Server Security | < 7.3.12013.0 |
| Eset | Smart Security | < 17.0.10.0 |
Related Weaknesses (CWE)
References
- https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-pVendor Advisory
- https://packetstormsecurity.com/files/179495/ESET-NOD32-Antivirus-17.2.7.0-UnquoBroken Link
- https://packetstormsecurity.com/files/182464/ESET-NOD32-Antivirus-18.0.12.0-UnquBroken Link
- https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-pVendor Advisory
- https://www.exploit-db.com/exploits/51351
- https://www.exploit-db.com/exploits/51964
FAQ
What is CVE-2024-0353?
CVE-2024-0353 is a vulnerability with a CVSS score of 7.8 (HIGH). Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.
How severe is CVE-2024-0353?
CVE-2024-0353 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-0353?
Check the references section above for vendor advisories and patch information. Affected products include: Eset Endpoint Antivirus, Eset Endpoint Security, Eset File Security, Eset Internet Security, Eset Mail Security.