CVE-2025-2425
5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Summary
Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ESET, spol. s.r.o | ESET NOD32 Antivirus | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Internet Security | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Smart Security Premium | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Security Ultimate | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Endpoint Antivirus for Windows | 0 <= 12.0.2049.0 | affected |
| ESET, spol. s.r.o | ESET Endpoint Antivirus for Windows | 0 <= 11.1.2059.0 | affected |
| ESET, spol. s.r.o | ESET Endpoint Security for Windows | 0 <= 12.0.2049.0 | affected |
| ESET, spol. s.r.o | ESET Endpoint Security for Windows | 0 <= 11.1.2059.0 | affected |
| ESET, spol. s.r.o | ESET Small Business Security | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Safe Server | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Server Security for Windows Server | 0 <= 12.0.12004.0 | affected |
| ESET, spol. s.r.o | ESET Server Security for Windows Server | 0 <= 11.1.12009.1 | affected |
| ESET, spol. s.r.o | ESET Mail Security for Microsoft Exchange Server | 0 <= 12.0.10003.0 | affected |
| ESET, spol. s.r.o | ESET Mail Security for Microsoft Exchange Server | 0 <= 11.1.10011.0 | affected |
| ESET, spol. s.r.o | ESET Security for Microsoft SharePoint Server | 0 <= 12.0.15004.0 | affected |
| ESET, spol. s.r.o | ESET Security for Microsoft SharePoint Server | 0 <= 11.1.15003.0 | affected |
Weaknesses
- CWE-367: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.