CVE-2021-37852
published 2022-02-09CVE-2021-37852: ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the…
PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.57%
42.7th percentile
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\SYSTEM.
Affected
31 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eset | endpoint_antivirus | >= 6.6.2046.0 < 7.3.2055.0 | 7.3.2055.0 |
| eset | endpoint_antivirus | >= 8.0 < 8.0.2028.3 | 8.0.2028.3 |
| eset | endpoint_antivirus | >= 8.1 < 8.1.2031.4 | 8.1.2031.4 |
| eset | endpoint_antivirus | >= 9.0 < 9.0.2032.6 | 9.0.2032.6 |
| eset | endpoint_security | >= 6.6.2046.0 < 7.3.2055.0 | 7.3.2055.0 |
| eset | endpoint_security | >= 8.0 < 8.0.2028.3 | 8.0.2028.3 |
| eset | endpoint_security | >= 8.1 < 8.1.2031.4 | 8.1.2031.4 |
| eset | endpoint_security | >= 9.0 < 9.0.2032.6 | 9.0.2032.6 |
| eset | eset_endpoint_antivirus_for_windows | 6.6.2046.0 – 9.0.2032.4 | — |
| eset | eset_endpoint_security_for_windows | 6.6.2046.0 – 9.0.2032.4 | — |
| eset | eset_file_security_for_microsoft_windows_server | 7.0.12014.0 – 7.3.12006.0 | — |
| eset | eset_internet_security | 10.0.337.1 – 15.0.18.0 | — |
| eset | eset_mail_security_for_ibm_domino | 7.0.14008.0 – 8.0.14004.0 | — |
| eset | eset_mail_security_for_microsoft_exchange_server | 7.0.10019 – 8.0.10016.0 | — |
| eset | eset_nod32_antivirus | 10.0.337.1 – 15.0.18.0 | — |
| eset | eset_security_for_microsoft_sharepoint_server | 7.0.15008.0 – 8.0.15004.0 | — |
| eset | eset_server_security_for_microsoft_azure | 7.0.12016.1002 – 7.2.12004.1000 | — |
| eset | eset_server_security_for_microsoft_windows_server | 8.0.12003.0 – 8.0.12003.1 | — |
| eset | eset_smart_security | 10.0.337.1 – 15.0.18.0 | — |
| eset | file_security | 7.0.12014.0 – 7.3.12006.0 | — |
| eset | internet_security | >= 10.0.337.1 < 15.0.18.0 | 15.0.18.0 |
| eset | mail_security | >= 7.0.10019 < 7.3.10014.0 | 7.3.10014.0 |
| eset | mail_security | >= 7.0.14008.0 < 7.3.14003.0 | 7.3.14003.0 |
| eset | mail_security | >= 8.0 < 8.0.14006.0 | 8.0.14006.0 |
| eset | mail_security | >= 8.0.10012.0 < 8.0.10018.0 | 8.0.10018.0 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windowshttps://www.zerodayinitiative.com/advisories/ZDI-22-148/https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windowshttps://www.zerodayinitiative.com/advisories/ZDI-22-148/
2022-02-09
Published