Versio.io

CVE-2021-37851

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 11-05-2022 05:15
Last modified: - 19-05-2022 07:18
Total changes: - 2

Description

Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0; 6.0 versions prior to 8.1.2050.0; 6.0 versions prior to 8.0.2053.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Local
Attack vector
High
Availability
High
Confidentiality
High
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
7.8
Base score
1.8
5.9
Exploitability score
Impact score
 

Verification logic

OR
vendor=eset AND product=smart_security AND software_edition=premium AND target_software=windows AND versionStartIncluding=11.2 AND versionEndExcluding=15.1.12.0
vendor=eset AND product=internet_security AND target_software=windows AND versionStartIncluding=11.2 AND versionEndExcluding=15.1.12.0
vendor=eset AND product=nod32_antivirus AND target_software=windows AND versionStartIncluding=11.2 AND versionEndExcluding=15.1.12.0
vendor=eset AND product=endpoint_antivirus AND target_software=windows AND versionStartIncluding=9.0 AND versionEndExcluding=9.0.2046.0
vendor=eset AND product=endpoint_antivirus AND target_software=windows AND versionStartIncluding=8.1 AND versionEndExcluding=8.1.2050.0
vendor=eset AND product=endpoint_antivirus AND target_software=windows AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.2053.0
vendor=eset AND product=endpoint_security AND target_software=windows AND versionStartIncluding=9.0 AND versionEndExcluding=9.0.2046.0
vendor=eset AND product=endpoint_security AND target_software=windows AND versionStartIncluding=8.1 AND versionEndExcluding=8.1.2050.0
vendor=eset AND product=endpoint_security AND target_software=windows AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.2053.0
vendor=eset AND product=security AND target_software=sharepoint_server AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.15009.0
vendor=eset AND product=server_security AND target_software=windows_server AND versionStartIncluding=8.0 AND versionEndExcluding=9.0.12012.0
vendor=eset AND product=file_security AND target_software=windows_server AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.12013.0
vendor=eset AND product=mail_security AND target_software=exchange_server AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.10020.0
vendor=eset AND product=mail_security AND target_software=domino AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.14011.0
vendor=eset AND product=server_security AND target_software=azure AND versionStartIncluding=6.0
 

Reference

 


Keywords

NVD

 

CVE-2021-37851

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.