CVE-2021-37850 — Spol S R.O Eset Cyber Security PRO vulnerability

3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 68.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Eset Spol S R.O Eset Cyber Security PRO Eset Spol S R.O Eset Endpoint Antivirus FOR Macos Eset Spol S R.O Eset Endpoint Security FOR Macos +4 more

Timeline

PublishedNov 8

Latest updateMay 24

Description

ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the ESET security product until a system reboot.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages7 packages

▶CVEListV5eset_spol_s_r.o/eset_endpoint_security_for_macosunspecified — 6.10.910.0

▶CVEListV5eset_spol_s_r.o/eset_cyber_security_prounspecified — 6.10.700

▶CVEListV5eset_spol_s_r.o/eset_endpoint_antivirus_for_macosunspecified — 6.10.910.0

▶NVDeset/cyber_security6.10.700

▶NVDeset/endpoint_security6.10.910.0

🔴Vulnerability Details

GHSA

GHSA-fwc5-q384-h8fh: ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET da↗2022-05-24

▶

CVEList

Denial of service in ESET for Mac products↗2021-11-08

▶