Versio.io

CVE-2022-27167

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 10-05-2022 10:15
Last modified: - 18-05-2022 06:35
Total changes: - 3

Description

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Low
Attack complexity
Local
Attack vector
High
Availability
None
Confidentiality
High
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
7.1
Base score
1.8
5.2
Exploitability score
Impact score
 

Verification logic

OR
vendor=eset AND product=smart_security AND software_edition=premium AND target_software=windows AND versionStartIncluding=11.2 AND versionEndExcluding=15.1.12.0
vendor=eset AND product=internet_security AND target_software=windows AND versionStartIncluding=11.2 AND versionEndExcluding=15.1.12.0
vendor=eset AND product=nod32_antivirus AND target_software=windows AND versionStartIncluding=11.2 AND versionEndExcluding=15.1.12.0
vendor=eset AND product=endpoint_antivirus AND target_software=windows AND versionStartIncluding=9.0 AND versionEndExcluding=9.0.2046.0
vendor=eset AND product=endpoint_antivirus AND target_software=windows AND versionStartIncluding=8.1 AND versionEndExcluding=8.1.2050.0
vendor=eset AND product=endpoint_antivirus AND target_software=windows AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.2053.0
vendor=eset AND product=endpoint_security AND target_software=windows AND versionStartIncluding=9.0 AND versionEndExcluding=9.0.2046.0
vendor=eset AND product=endpoint_security AND target_software=windows AND versionStartIncluding=8.1 AND versionEndExcluding=8.1.2050.0
vendor=eset AND product=endpoint_security AND target_software=windows AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.2053.0
vendor=eset AND product=security AND target_software=sharepoint_server AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.15009.0
vendor=eset AND product=mail_security AND target_software=domino AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.14011.0
vendor=eset AND product=mail_security AND target_software=exchange_server AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.10020.0
vendor=eset AND product=server_security AND target_software=azure AND versionStartIncluding=6.0
vendor=eset AND product=file_security AND target_software=windows_server AND versionStartIncluding=6.0 AND versionEndExcluding=8.0.12013.0
vendor=eset AND product=server_security AND target_software=windows_server AND versionStartIncluding=8.0 AND versionEndExcluding=9.0.12012.0
 

Reference

 


Keywords

NVD

 

CVE-2022-27167

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.