CVE-2024-7400

Summary

The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so.

Affected Software

VendorProductVersion RangeStatus
ESET, spol. s r.o.ESET NOD32 Antivirus0 <= 1250affected
ESET, spol. s r.o.ESET Internet Security0 <= 1250affected
ESET, spol. s r.o.ESET Smart Security Premium0 <= 1250affected
ESET, spol. s r.o.ESET Security Ultimate0 <= 1250affected
ESET, spol. s r.o.ESET Small Business Security0 <= 1250affected
ESET, spol. s r.o.ESET Safe Server0 <= 1250affected
ESET, spol. s r.o.ESET Endpoint Antivirus0 <= 1250affected
ESET, spol. s r.o.ESET Endpoint Security for Windows0 <= 1250affected
ESET, spol. s r.o.ESET Server Security for Windows Server0 <= 1250affected
ESET, spol. s r.o.ESET Mail Security for Microsoft Exchange Server0 <= 1250affected
ESET, spol. s r.o.ESET Mail Security for IBM Domino0 <= 1250affected
ESET, spol. s r.o.ESET Security for Microsoft SharePoint Server0 <= 1250affected
ESET, spol. s r.o.ESET File Security for Microsoft Azure0 <= 1250affected

Weaknesses

  • CWE-1386: CWE-1386 Insecure Operation on Windows Junction / Mount Point

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References