Refine your search
4 vulnerabilities found for ESET Endpoint Antivirus by ESET
CVE-2025-4952 (GCVE-0-2025-4952)
Vulnerability from nvd
Published
2025-10-31 12:28
Modified
2025-10-31 14:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Summary
Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ESET | ESET NOD32 Antivirus |
Patch: 1496 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-31T14:18:06.194469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T14:18:16.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"hips"
],
"platforms": [
"Windows"
],
"product": "ESET NOD32 Antivirus",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Internet Security",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Smart Security Premium",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Security Ultimate",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Small Business Security",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Safe Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Endpoint Antivirus",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Endpoint Security for Windows",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Server Security for Windows Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Mail Security for Microsoft Exchange Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Mail Security for IBM Domino",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Security for Microsoft SharePoint Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET File Security for Microsoft Azure",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_nod32_antivirus:1496:*:windows:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_internet_security:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_smart_security_premium:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_security_ultimate:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_small_business_security:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_safe_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_endpoint_antivirus:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_endpoint_security_for_windows:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_server_security_for_windows_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_mail_security_for_microsoft_exchange_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_mail_security_for_ibm_domino:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_security_for_microsoft_sharepoint_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_file_security_for_microsoft_azure:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2025-08-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration.\u003c/span\u003e"
}
],
"value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration."
}
],
"impacts": [
{
"capecId": "CAPEC-203",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-203 Manipulate Registry Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T12:28:15.267Z",
"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"shortName": "ESET"
},
"references": [
{
"url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed"
}
],
"source": {
"advisory": "ca8853",
"discovery": "UNKNOWN"
},
"title": "Denial-of-service vulnerability in ESET security products for Windows",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"assignerShortName": "ESET",
"cveId": "CVE-2025-4952",
"datePublished": "2025-10-31T12:28:15.267Z",
"dateReserved": "2025-05-19T10:36:38.958Z",
"dateUpdated": "2025-10-31T14:18:16.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4952 (GCVE-0-2025-4952)
Vulnerability from cvelistv5
Published
2025-10-31 12:28
Modified
2025-10-31 14:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Summary
Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ESET | ESET NOD32 Antivirus |
Patch: 1496 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-31T14:18:06.194469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T14:18:16.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"hips"
],
"platforms": [
"Windows"
],
"product": "ESET NOD32 Antivirus",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Internet Security",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Smart Security Premium",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Security Ultimate",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Small Business Security",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Safe Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Endpoint Antivirus",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Endpoint Security for Windows",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Server Security for Windows Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Mail Security for Microsoft Exchange Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Mail Security for IBM Domino",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Security for Microsoft SharePoint Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET File Security for Microsoft Azure",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_nod32_antivirus:1496:*:windows:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_internet_security:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_smart_security_premium:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_security_ultimate:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_small_business_security:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_safe_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_endpoint_antivirus:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_endpoint_security_for_windows:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_server_security_for_windows_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_mail_security_for_microsoft_exchange_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_mail_security_for_ibm_domino:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_security_for_microsoft_sharepoint_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_file_security_for_microsoft_azure:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2025-08-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration.\u003c/span\u003e"
}
],
"value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration."
}
],
"impacts": [
{
"capecId": "CAPEC-203",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-203 Manipulate Registry Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T12:28:15.267Z",
"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"shortName": "ESET"
},
"references": [
{
"url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed"
}
],
"source": {
"advisory": "ca8853",
"discovery": "UNKNOWN"
},
"title": "Denial-of-service vulnerability in ESET security products for Windows",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"assignerShortName": "ESET",
"cveId": "CVE-2025-4952",
"datePublished": "2025-10-31T12:28:15.267Z",
"dateReserved": "2025-05-19T10:36:38.958Z",
"dateUpdated": "2025-10-31T14:18:16.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
jvndb-2016-008013
Vulnerability from jvndb
Published
2022-02-07 14:18
Modified
2022-02-07 14:18
Severity ?
Summary
Multiple ESET products for macOS vulnerable to improper server certificate verification
Details
Multiple ESET products for macOS are vulnerable to improper server certificate verification (CWE-295).
KOBAYASHI Yasuyuki reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-008013.html",
"dc:date": "2022-02-07T14:18+09:00",
"dcterms:issued": "2022-02-07T14:18+09:00",
"dcterms:modified": "2022-02-07T14:18+09:00",
"description": "Multiple ESET products for macOS are vulnerable to improper server certificate verification (CWE-295).\r\n\r\nKOBAYASHI Yasuyuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-008013.html",
"sec:cpe": [
{
"#text": "cpe:/a:eset:cyber_security",
"@product": "ESET Cyber Security",
"@vendor": "ESET",
"@version": "2.2"
},
{
"#text": "cpe:/a:eset:endpoint_antivirus",
"@product": "ESET Endpoint Antivirus",
"@vendor": "ESET",
"@version": "2.2"
},
{
"#text": "cpe:/a:eset:endpoint_security",
"@product": "ESET Endpoint Security",
"@vendor": "ESET",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-008013",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN95898697/index.html",
"@id": "JVN#95898697",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2016-9892",
"@id": "CVE-2016-9892",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-9892",
"@id": "CVE-2016-9892",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Multiple ESET products for macOS vulnerable to improper server certificate verification"
}
jvndb-2021-000098
Vulnerability from jvndb
Published
2021-10-29 14:58
Modified
2021-10-29 14:58
Severity ?
Summary
ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS)
Details
ESET Cyber Security and ESET Endpoint series are antivirus software. ESET Cyber Security and ESET Endpoint series for macOS contain a denial-of-service (DoS) vulnerability (CWE-404).
Zhou Tingrui of Kaijo Junior & Senior High School reported this vulnerability to the developer and IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000098.html",
"dc:date": "2021-10-29T14:58+09:00",
"dcterms:issued": "2021-10-29T14:58+09:00",
"dcterms:modified": "2021-10-29T14:58+09:00",
"description": "ESET Cyber Security and ESET Endpoint series are antivirus software. ESET Cyber Security and ESET Endpoint series for macOS contain a denial-of-service (DoS) vulnerability (CWE-404).\r\n\r\nZhou Tingrui of Kaijo Junior \u0026 Senior High School reported this vulnerability to the developer and IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000098.html",
"sec:cpe": [
{
"#text": "cpe:/a:eset:cyber_security",
"@product": "ESET Cyber Security",
"@vendor": "ESET",
"@version": "2.2"
},
{
"#text": "cpe:/a:eset:endpoint_antivirus",
"@product": "ESET Endpoint Antivirus",
"@vendor": "ESET",
"@version": "2.2"
},
{
"#text": "cpe:/a:eset:endpoint_security",
"@product": "ESET Endpoint Security",
"@vendor": "ESET",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "1.7",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"@version": "2.0"
},
{
"@score": "5.5",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2021-000098",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN60553023/index.html",
"@id": "JVN#60553023",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37850",
"@id": "CVE-2021-37850",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-37850",
"@id": "CVE-2021-37850",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS)"
}