CVE-2025-5028
6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Summary
Installation file of ESET security products on Windows
allow an attacker to misuse to delete an arbitrary file without having the permissions to do so.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ESET, spol. s.r.o | ESET NOD32 Antivirus | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Internet Security | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Smart Security Premium | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Security Ultimate | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Endpoint Antivirus for Windows | 0 <= 12.0.2049.0 | affected |
| ESET, spol. s.r.o | ESET Endpoint Antivirus for Windows | 0 <= 11.1.2059.0 | affected |
| ESET, spol. s.r.o | ESET Endpoint Security for Windows | 0 <= 12.0.2049.0 | affected |
| ESET, spol. s.r.o | ESET Endpoint Security for Windows | 0 <= 11.1.2059.0 | affected |
| ESET, spol. s.r.o | ESET Small Business Security | 0 <= 18.1.13.0 | affected |
| ESET, spol. s.r.o | ESET Safe Server | 0 <= 18.1.13.0 | affected |
Weaknesses
- CWE-269: CWE-269 Improper Privilege Management
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.