CVE-2023-3160

Summary

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.

Affected Software

VendorProductVersion RangeStatus
ESET, spol. s r.o.ESET NOD32 Antivirus1463unaffected
ESET, spol. s r.o.ESET Internet Security1463unaffected
ESET, spol. s r.o.ESET Smart Security Premium1463unaffected
ESET, spol. s r.o.ESET Endpoint Antivirus1463unaffected
ESET, spol. s r.o.ESET Endpoint Security1463unaffected
ESET, spol. s r.o.ESET Server Security for Windows Server (File Security)1463unaffected
ESET, spol. s r.o.ESET Mail Security for Microsoft Exchange Server1463unaffected
ESET, spol. s r.o.ESET Mail Security for IBM Domino1463unaffected
ESET, spol. s r.o.ESET Security for Microsoft SharePoint Server1463unaffected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References