CVE-2025-2425 (GCVE-0-2025-2425)
Vulnerability from cvelistv5
Published
2025-07-18 09:20
Modified
2025-07-18 11:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Summary
Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.
References
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ESET, spol. s.r.o | ESET NOD32 Antivirus |
Version: 0 < |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-2425", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-07-18T11:36:44.282751Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-07-18T11:37:03.044Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ESET NOD32 Antivirus", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Internet Security", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Smart Security Premium", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Security Ultimate", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Endpoint Antivirus for Windows", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "12.0.2049.0", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.2059.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Endpoint Security for Windows", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "12.0.2049.0", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.2059.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Small Business Security", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Safe Server", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Server Security for Windows Server", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "12.0.12004.0", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.12009.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Mail Security for Microsoft Exchange Server", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "12.0.10003.0", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.10011.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "ESET Security for Microsoft SharePoint Server", "vendor": "ESET, spol. s.r.o", "versions": [ { "lessThanOrEqual": "12.0.15004.0", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.15003.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "datePublic": "2025-07-16T10:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTime-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.\u003c/span\u003e" } ], "value": "Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system." } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-18T09:20:52.051Z", "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "shortName": "ESET" }, "references": [ { "url": "https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed" } ], "source": { "advisory": "ca8840", "discovery": "UNKNOWN" }, "title": "TOCTOU race condition vulnerability in ESET products on Windows", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "assignerShortName": "ESET", "cveId": "CVE-2025-2425", "datePublished": "2025-07-18T09:20:52.051Z", "dateReserved": "2025-03-17T14:49:00.303Z", "dateUpdated": "2025-07-18T11:37:03.044Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2025-2425\",\"sourceIdentifier\":\"security@eset.com\",\"published\":\"2025-07-18T10:15:30.050\",\"lastModified\":\"2025-07-22T13:06:27.983\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de condici\u00f3n de ejecuci\u00f3n de tiempo de verificaci\u00f3n a tiempo de uso potencialmente permiti\u00f3 que un atacante usara el software de seguridad ESET instalado para borrar el contenido de un archivo arbitrario en el sistema de archivos.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security@eset.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security@eset.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-367\"}]}],\"references\":[{\"url\":\"https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed\",\"source\":\"security@eset.com\"}]}}", "vulnrichment": { "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-2425\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-18T11:36:44.282751Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-18T11:36:55.458Z\"}}], \"cna\": {\"title\": \"TOCTOU race condition vulnerability in ESET products on Windows\", \"source\": {\"advisory\": \"ca8840\", \"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 5.1, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET NOD32 Antivirus\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"18.1.13.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Internet Security\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"18.1.13.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Smart Security Premium\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"18.1.13.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Security Ultimate\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"18.1.13.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Endpoint Antivirus for Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.0.2049.0\"}, {\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11.1.2059.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Endpoint Security for Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.0.2049.0\"}, {\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11.1.2059.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Small Business Security\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"18.1.13.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Safe Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"18.1.13.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Server Security for Windows Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.0.12004.0\"}, {\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11.1.12009.1\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Mail Security for Microsoft Exchange Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.0.10003.0\"}, {\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11.1.10011.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s.r.o\", \"product\": \"ESET Security for Microsoft SharePoint Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.0.15004.0\"}, {\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11.1.15003.0\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-07-16T10:00:00.000Z\", \"references\": [{\"url\": \"https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eTime-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-367\", \"description\": \"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition\"}]}], \"providerMetadata\": {\"orgId\": \"4a9b9929-2450-4021-b7b9-469a0255b215\", \"shortName\": \"ESET\", \"dateUpdated\": \"2025-07-18T09:20:52.051Z\"}}}", "cveMetadata": "{\"cveId\": \"CVE-2025-2425\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-18T11:37:03.044Z\", \"dateReserved\": \"2025-03-17T14:49:00.303Z\", \"assignerOrgId\": \"4a9b9929-2450-4021-b7b9-469a0255b215\", \"datePublished\": \"2025-07-18T09:20:52.051Z\", \"assignerShortName\": \"ESET\"}", "dataType": "CVE_RECORD", "dataVersion": "5.1" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…