CVE-2024-3779

Summary

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.

Affected Software

VendorProductVersion RangeStatus
ESET s.r.oESET NOD32 Antivirus0 <= 17.1.13.0affected
ESET s.r.oESET Internet Security0 <= 17.1.13.0affected
ESET s.r.oESET Smart Security Premium0 <= 17.1.13.0affected
ESET s.r.oESET Security Ultimate0 <= 17.1.13.0affected
ESET s.r.oESET Endpoint Antivirus for Windows0 <= 11.0.2044.0affected
ESET s.r.oESET Endpoint Security for Windows0 <= 11.0.2044.0affected
ESET s.r.oESET Server Security for Windows Server0 <= 11.0.12011.0affected
ESET s.r.oESET Mail Security for Microsoft Exchange Server0 <= 11.0.10005.0affected
ESET s.r.oESET Mail Security for IBM Domino0affected
ESET s.r.oESET Security for Microsoft SharePoint Server0 <= 11.0.15002.0affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References