CVE-2022-27167
published 2022-05-10CVE-2022-27167: Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to…
PriorityP434high7.1CVSS 3.1
AVLACLPRLUINSUCNIHAH
EPSS
0.18%
8.0th percentile
Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eset | endpoint_antivirus | >= 6.0 < 8.0.2053.0 | 8.0.2053.0 |
| eset | endpoint_antivirus | >= 8.1 < 8.1.2050.0 | 8.1.2050.0 |
| eset | endpoint_antivirus | >= 9.0 < 9.0.2046.0 | 9.0.2046.0 |
| eset | endpoint_security | >= 6.0 < 8.0.2053.0 | 8.0.2053.0 |
| eset | endpoint_security | >= 8.1 < 8.1.2050.0 | 8.1.2050.0 |
| eset | endpoint_security | >= 9.0 < 9.0.2046.0 | 9.0.2046.0 |
| eset | file_security | >= 6.0 < 8.0.12013.0 | 8.0.12013.0 |
| eset | internet_security | >= 11.2 < 15.1.12.0 | 15.1.12.0 |
| eset | mail_security | >= 6.0 < 8.0.10020.0 | 8.0.10020.0 |
| eset | mail_security | >= 6.0 < 8.0.14011.0 | 8.0.14011.0 |
| eset | nod32_antivirus | >= 11.2 < 15.1.12.0 | 15.1.12.0 |
| eset | security | >= 6.0 < 8.0.15009.0 | 8.0.15009.0 |
| eset | server_security | >= 6.0 | — |
| eset | server_security | >= 8.0 < 9.0.12012.0 | 9.0.12012.0 |
| eset | smart_security | >= 11.2 < 15.1.12.0 | 15.1.12.0 |
| eset_spol_s_r.o | eset_endpoint_antivirus | >= 6.0 < 9.0.2046.0 | 9.0.2046.0 |
| eset_spol_s_r.o | eset_endpoint_security | >= 6.0 < 9.0.2046.0 | 9.0.2046.0 |
| eset_spol_s_r.o | eset_file_security_for_microsoft_windows_server | — | — |
| eset_spol_s_r.o | eset_internet_security | >= 11.2 < 15.1.12.0 | 15.1.12.0 |
| eset_spol_s_r.o | eset_mail_security_for_ibm_domino | >= 6.0 < 8.0.14011.0 | 8.0.14011.0 |
| eset_spol_s_r.o | eset_mail_security_for_microsoft_exchange_server | >= 6.0 < 8.0.10020.0 | 8.0.10020.0 |
| eset_spol_s_r.o | eset_nod32_antivirus | >= 11.2 < 15.1.12.0 | 15.1.12.0 |
| eset_spol_s_r.o | eset_security_for_microsoft_sharepoint_server | >= 6.0 < 8.0.15009.0 | 8.0.15009.0 |
| eset_spol_s_r.o | eset_server_security_for_microsoft_windows_server | >= 8.0 < 9.0.12012.0 | 9.0.12012.0 |
| eset_spol_s_r.o | eset_smart_security_premium | >= 11.2 < 15.1.12.0 | 15.1.12.0 |
CVSS provenance
nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
nvdv2.03.6LOWAV:L/AC:L/Au:N/C:N/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-05-10
Published