CVE-2020-26941

CWE-276 — Incorrect Default Permissions3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 77.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Eset Endpoint Antivirus Eset Endpoint Security Eset File Security +5 more

Timeline

PublishedJan 26

Latest updateMay 24

Description

A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Se…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages8 packages

▶NVDeset/file_security7.2

▶NVDeset/smart_security7.3+1

▶NVDeset/mail_security7.2

▶NVDeset/endpoint_security7.3

▶NVDeset/internet_security13.2+1

🔴Vulnerability Details

GHSA

GHSA-3855-w94p-4hp9: A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via↗2022-05-24

▶

CVEList

CVE-2020-26941: A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via↗2021-01-21

▶