CVE-2024-7400
8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ESET, spol. s r.o. | ESET NOD32 Antivirus | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Internet Security | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Smart Security Premium | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Security Ultimate | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Small Business Security | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Safe Server | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Endpoint Antivirus | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Endpoint Security for Windows | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Server Security for Windows Server | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Mail Security for Microsoft Exchange Server | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Mail Security for IBM Domino | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET Security for Microsoft SharePoint Server | 0 <= 1250 | affected |
| ESET, spol. s r.o. | ESET File Security for Microsoft Azure | 0 <= 1250 | affected |
Weaknesses
- CWE-1386: CWE-1386 Insecure Operation on Windows Junction / Mount Point
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.