CVE-2023-7043
published 2024-01-31CVE-2023-7043: Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService…
PriorityP422medium5.5CVSS 3.1
AVLACLPRLUINSUCNIHAN
EPSS
0.28%
19.9th percentile
Unquoted service path in ESET products allows to
drop a prepared program to a specific location and run on boot with the
NT AUTHORITY\NetworkService permissions.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eset | endpoint_antivirus | >= 10.1.2046.0 < 11.0.2032.0 | 11.0.2032.0 |
| eset | endpoint_security | >= 10.1.2046.0 < 11.0.2032.0 | 11.0.2032.0 |
| eset | internet_security | >= 16.1.14.0 < 17.0.15.0 | 17.0.15.0 |
| eset | mail_security | — | — |
| eset | nod32_antivirus | >= 16.1.14.0 < 17.0.15.0 | 17.0.15.0 |
| eset | smart_security_premium | >= 16.1.14.0 < 17.0.15.0 | 17.0.15.0 |
| eset_spol_s_r.o | eset_endpoint_antivirus | 10.1.2046.x – 10.1.2063.x | — |
| eset_spol_s_r.o | eset_endpoint_security | 10.1.2046.x – 10.1.2063.x | — |
| eset_spol_s_r.o | eset_internet_security | 16.1.14.0 – 16.2.15.0 | — |
| eset_spol_s_r.o | eset_mail_security_for_microsoft_exchange_server | — | — |
| eset_spol_s_r.o | eset_nod32_antivirus | 16.1.14.0 – 16.2.15.0 | — |
| eset_spol_s_r.o | eset_smart_security_premium | 16.1.14.0 – 16.2.15.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-01-31
Published