Eset Cyber Security vulnerabilities

CVE-2023-2847 [HIGH] CWE-269 CVE-2023-2847: During internal security analysis, a local privilege escalation vulnerability has been identified. During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privileges due to improper privilege management to trigger actions with root privileges. ESET remedied this possible attack vector and has prepared new builds of i

CVE-2021-37850 [MEDIUM] CVE-2021-37850: ESET was made aware of a vulnerability in its consumer and business products for macOS that enables ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the ESET security product until a system reboot.

CVE-2020-10193 [HIGH] CWE-436 CVE-2020-10193: ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression In ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux

CVE-2020-10180 [CRITICAL] CWE-436 CVE-2020-10180: The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an arch The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop.

CVE-2019-17549 [MEDIUM] CVE-2019-17549: ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (k ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (kill) ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his attack.

CVE-2019-19792 [MEDIUM] CWE-276 CVE-2019-19792: A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to esc A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to escalate privileges by appending data to root-owned files.

CVE-2020-9264 [MEDIUM] CWE-436 CVE-2020-9264: ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Info ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 fo

CVE-2019-16519 [HIGH] CWE-269 CVE-2019-16519: ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks.