CVE-2024-3779

CWE-276Incorrect Default Permissions3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 74.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
18
Eset Endpoint AntivirusEset Endpoint SecurityEset Internet Security+15 more
Timeline
PublishedJul 16

Description

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages18 packages

NVDeset/security< 17.2.7.0+1
NVDeset/smart_security< 17.2.7.0
NVDeset/server_security< 11.0.12012.0
NVDeset/endpoint_security< 11.1.2039.0
NVDeset/internet_security< 17.2.7.0

🔴Vulnerability Details

2
GHSA
GHSA-4fch-r62j-4r94: Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security produ2024-07-16
CVEList
Denial of Service in ESET products for Windows2024-07-16
CVE-2024-3779 (MEDIUM CVSS 5.5) | Denial of service vulnerability pre | cvebase.io