cbcvebase.
CVE-2008-5724
published 2008-12-26

CVE-2008-5724: The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a…

PriorityP433high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.80%
52.1th percentile
The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL request to \Device\Epfw that overwrites portions of memory.

Affected

10 ranges
VendorProductVersion rangeFixed in
esetsmart_security<= 3.0.672
esetsmart_security
esetsmart_security
esetsmart_security
esetsmart_security
esetsmart_security
esetsmart_security
esetsmart_security
esetsmart_security
esetsmart_security
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.