CVE-2024-7400
published 2024-09-27CVE-2024-7400: The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to…
PriorityP338high8.5CVSS 4.0
AVLACLATNPRLUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.22%
12.8th percentile
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eset_spol_s_r.o | eset_endpoint_antivirus | <= 1250 | — |
| eset_spol_s_r.o | eset_endpoint_security_for_windows | <= 1250 | — |
| eset_spol_s_r.o | eset_file_security_for_microsoft_azure | <= 1250 | — |
| eset_spol_s_r.o | eset_internet_security | <= 1250 | — |
| eset_spol_s_r.o | eset_mail_security_for_ibm_domino | <= 1250 | — |
| eset_spol_s_r.o | eset_mail_security_for_microsoft_exchange_server | <= 1250 | — |
| eset_spol_s_r.o | eset_nod32_antivirus | <= 1250 | — |
| eset_spol_s_r.o | eset_safe_server | <= 1250 | — |
| eset_spol_s_r.o | eset_security_for_microsoft_sharepoint_server | <= 1250 | — |
| eset_spol_s_r.o | eset_security_ultimate | <= 1250 | — |
| eset_spol_s_r.o | eset_server_security_for_windows_server | <= 1250 | — |
| eset_spol_s_r.o | eset_small_business_security | <= 1250 | — |
| eset_spol_s_r.o | eset_smart_security_premium | <= 1250 | — |
| linux | linux_kernel | >= 0 < 5.4.287 | 5.4.287 |
| linux | linux_kernel | >= 5.11.0 < 5.15.174 | 5.15.174 |
| linux | linux_kernel | >= 5.16.0 < 6.1.120 | 6.1.120 |
| linux | linux_kernel | >= 5.5.0 < 5.10.231 | 5.10.231 |
| linux | linux_kernel | >= 6.2.0 < 6.6.66 | 6.6.66 |
| linux | linux_kernel | >= 6.7.0 < 6.12.5 | 6.12.5 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
powerpc/prom_init: Fixup missing powermac #size-cells
osv·2025-01-08
CVE-2024-56781 powerpc/prom_init: Fixup missing powermac #size-cells
powerpc/prom_init: Fixup missing powermac #size-cells
In the Linux kernel, the following vulnerability has been resolved:
powerpc/prom_init: Fixup missing powermac #size-cells
On some powermacs `escc` nodes are missing `#size-cells` properties,
which is deprecated and now triggers a warning at boot since commit
045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells
handling").
For example:
Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000
WARNING: CPU: 0 PID: 0 at drivers/of/base.c:133 of_bus_n_size_cells+0x98/0x108
Hardware name: PowerMac3,1 7400 0xc0209 PowerMac
...
Call Trace:
of_bus_n_size_cells+0x98/0x108 (unreliable)
of_bus_default_count_cells+0x40/0x60
__of_get_address+0xc8/0x21c
__of_address_to_resource+0x5c/0x228
pmz_init_port+0x5c/0x2ec
pmz_probe.isra.0+0x
GHSA
GHSA-3f69-f27h-f53w: The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating syst
ghsa_unreviewed·2024-09-27
CVE-2024-7400 [HIGH] CWE-1386 GHSA-3f69-f27h-f53w: The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating syst
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-09-27
Published