Vulnerability-Lookup

CVE-2022-27167 (GCVE-0-2022-27167)

Vulnerability from cvelistv5 – Published: 2022-05-10 19:43 – Updated: 2024-09-16 21:56

Title

Arbitrary File Deletion in ESET products for Windows

Summary

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-280 - Improper Handling of Insufficient Permissions or Privileges

Assigner

ESET

References

URL

Tags

https://support.eset.com/en/ca8268

x_refsource_MISC

Impacted products

Vendor

Product

Version

ESET, spol. s r.o.

ESET NOD32 Antivirus

Affected: 11.2 , < 15.1.12.0 (custom)

ESET, spol. s r.o.	ESET Internet Security	Affected: 11.2 , < 15.1.12.0 (custom)
ESET, spol. s r.o.	ESET Smart Security Premium	Affected: 11.2 , < 15.1.12.0 (custom)
ESET, spol. s r.o.	ESET Endpoint Antivirus	Affected: 6.0 , < 9.0.2046.0 (custom)
ESET, spol. s r.o.	ESET Endpoint Security	Affected: 6.0 , < 9.0.2046.0 (custom)
ESET, spol. s r.o.	ESET Server Security for Microsoft Windows Server	Affected: 8.0 , < 9.0.12012.0 (custom)
ESET, spol. s r.o.	ESET File Security for Microsoft Windows Server	Affected: 6.0 8.0.12013.0
ESET, spol. s r.o.	ESET Mail Security for Microsoft Exchange Server	Affected: 6.0 , < 8.0.10020.0 (custom)
ESET, spol. s r.o.	ESET Mail Security for IBM Domino	Affected: 6.0 , < 8.0.14011.0 (custom)
ESET, spol. s r.o.	ESET Security for Microsoft SharePoint Server	Affected: 6.0 , < 8.0.15009.0 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:18:39.478Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.eset.com/en/ca8268"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ESET NOD32 Antivirus",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "15.1.12.0",
              "status": "affected",
              "version": "11.2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "ESET Internet Security",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "15.1.12.0",
              "status": "affected",
              "version": "11.2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "ESET Smart Security Premium",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "15.1.12.0",
              "status": "affected",
              "version": "11.2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "ESET Endpoint Antivirus",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.2050.0",
                  "status": "unaffected"
                },
                {
                  "at": "8.0.2053.0",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.2046.0",
              "status": "affected",
              "version": "6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "ESET Endpoint Security",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.2050.0",
                  "status": "unaffected"
                },
                {
                  "at": "8.0.2053.0",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.2046.0",
              "status": "affected",
              "version": "6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "ESET Server Security for Microsoft Windows Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "9.0.12012.0",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "ESET File Security for Microsoft Windows Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "affected",
              "version": "6.0 8.0.12013.0"
            }
          ]
        },
        {
          "product": "ESET Mail Security for Microsoft Exchange Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "8.0.10020.0",
              "status": "affected",
              "version": "6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "ESET Mail Security for IBM Domino",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "8.0.14011.0",
              "status": "affected",
              "version": "6.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "ESET Security for Microsoft SharePoint Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "8.0.15009.0",
              "status": "affected",
              "version": "6.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-05-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit \"Repair\" and \"Uninstall\" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-280",
              "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-10T19:43:59.000Z",
        "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "shortName": "ESET"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.eset.com/en/ca8268"
        }
      ],
      "source": {
        "advisory": "ca8268",
        "discovery": "EXTERNAL"
      },
      "title": "Arbitrary File Deletion in ESET products for Windows",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@eset.com",
          "DATE_PUBLIC": "2022-05-09T13:00:00.000Z",
          "ID": "CVE-2022-27167",
          "STATE": "PUBLIC",
          "TITLE": "Arbitrary File Deletion in ESET products for Windows"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ESET NOD32 Antivirus",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "11.2",
                            "version_value": "15.1.12.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET Internet Security",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "11.2",
                            "version_value": "15.1.12.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET Smart Security Premium",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "11.2",
                            "version_value": "15.1.12.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET Endpoint Antivirus",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "9.0.2046.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "8.1.2050.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "8.0.2053.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET Endpoint Security",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "9.0.2046.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "8.1.2050.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "8.0.2053.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET Server Security for Microsoft Windows Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.0",
                            "version_value": "9.0.12012.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET File Security for Microsoft Windows Server",
                      "version": {
                        "version_data": [
                          {
                            "version_name": "6.0",
                            "version_value": "8.0.12013.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET Mail Security for Microsoft Exchange Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "8.0.10020.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET Mail Security for IBM Domino",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "8.0.14011.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ESET Security for Microsoft SharePoint Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.0",
                            "version_value": "8.0.15009.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ESET, spol. s r.o."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit \"Repair\" and \"Uninstall\" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-280 Improper Handling of Insufficient Permissions or Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.eset.com/en/ca8268",
              "refsource": "MISC",
              "url": "https://support.eset.com/en/ca8268"
            }
          ]
        },
        "source": {
          "advisory": "ca8268",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
    "assignerShortName": "ESET",
    "cveId": "CVE-2022-27167",
    "datePublished": "2022-05-10T19:43:59.570Z",
    "dateReserved": "2022-03-14T00:00:00.000Z",
    "dateUpdated": "2024-09-16T21:56:50.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-FFXJ-QGWF-8RRM

Vulnerability from github – Published: 2022-05-11 00:01 – Updated: 2022-05-19 00:00

Details

Severity ?

7.1 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-27167"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-10T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit \"Repair\" and \"Uninstall\" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.",
  "id": "GHSA-ffxj-qgwf-8rrm",
  "modified": "2022-05-19T00:00:23Z",
  "published": "2022-05-11T00:01:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27167"
    },
    {
      "type": "WEB",
      "url": "https://support.eset.com/en/ca8268"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2022-27167

Vulnerability from fkie_nvd - Published: 2022-05-10 20:15 - Updated: 2024-11-21 06:55

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

References

	URL	Tags
	security@eset.com	https://support.eset.com/en/ca8268	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.eset.com/en/ca8268	Vendor Advisory

Impacted products

Vendor	Product	Version
eset	endpoint_antivirus	*
eset	endpoint_antivirus	*
eset	endpoint_antivirus	*
eset	endpoint_security	*
eset	endpoint_security	*
eset	endpoint_security	*
eset	file_security	*
eset	internet_security	*
eset	mail_security	*
eset	mail_security	*
eset	nod32_antivirus	*
eset	security	*
eset	server_security	*
eset	server_security	*
eset	smart_security	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B3B4B09F-0A8D-433D-BEB0-95B1F71C4243",
              "versionEndExcluding": "8.0.2053.0",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "C1B57A00-9B42-46B7-AFE1-2DF41E3AD7C8",
              "versionEndExcluding": "8.1.2050.0",
              "versionStartIncluding": "8.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "9126E224-6F5B-4312-A268-25785D33D332",
              "versionEndExcluding": "9.0.2046.0",
              "versionStartIncluding": "9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "64320D36-E321-4AC5-B769-03B41FAF37DE",
              "versionEndExcluding": "8.0.2053.0",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "0839107D-7843-4C27-B91F-33733CD3658D",
              "versionEndExcluding": "8.1.2050.0",
              "versionStartIncluding": "8.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "F47550A5-8416-44F4-8104-58FFB9F94EF5",
              "versionEndExcluding": "9.0.2046.0",
              "versionStartIncluding": "9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:file_security:*:*:*:*:*:windows_server:*:*",
              "matchCriteriaId": "0C0E8002-5140-494C-A890-E1D40E398F2C",
              "versionEndExcluding": "8.0.12013.0",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:internet_security:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "90FE16A7-F332-48C0-B42B-612B481CCA50",
              "versionEndExcluding": "15.1.12.0",
              "versionStartIncluding": "11.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:mail_security:*:*:*:*:*:exchange_server:*:*",
              "matchCriteriaId": "33D85DF1-A33C-4445-AA40-E6DC181C455B",
              "versionEndExcluding": "8.0.10020.0",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:mail_security:*:*:*:*:*:domino:*:*",
              "matchCriteriaId": "19005039-6B1F-4622-AA24-4428A8B69360",
              "versionEndExcluding": "8.0.14011.0",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "C39C1B8A-80FC-450B-BE04-2908389FC61C",
              "versionEndExcluding": "15.1.12.0",
              "versionStartIncluding": "11.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:security:*:*:*:*:*:sharepoint_server:*:*",
              "matchCriteriaId": "9292F9CA-FD25-4BE1-AAB6-E1DC060EA66A",
              "versionEndExcluding": "8.0.15009.0",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:server_security:*:*:*:*:*:azure:*:*",
              "matchCriteriaId": "C34234B3-5AC3-4896-9F5F-57DABC8527F1",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:server_security:*:*:*:*:*:windows_server:*:*",
              "matchCriteriaId": "C98987B5-8F3F-4EE1-82EB-80F2620BD3A0",
              "versionEndExcluding": "9.0.12012.0",
              "versionStartIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eset:smart_security:*:*:*:*:premium:windows:*:*",
              "matchCriteriaId": "6E82A43A-0260-4038-8BF6-F39F8E9438B8",
              "versionEndExcluding": "15.1.12.0",
              "versionStartIncluding": "11.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit \"Repair\" and \"Uninstall\" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de escalada de privilegios en los productos Windows de ESET, spol. s r.o. permite a un atacante explotar las funciones \"Repair\" y \"Uninstall\", lo que puede conllevar a una eliminaci\u00f3n arbitraria de archivos. Este problema afecta a: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versiones anteriores a 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versiones anteriores a 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versiones anteriores a 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versiones anteriores a 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versiones anteriores a 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versiones anteriores a  9.0.12012.0. ESET, spol. s r.o. ESET File Security para Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security para Microsoft Exchange Server 6.0 versiones anteriores a  8.0.10020.0. ESET, spol. s r.o. ESET Mail Security para IBM Domino 6.0 versiones anteriores a 8.0.14011.0. ESET, spol. s r.o. ESET Security para Microsoft SharePoint Server 6.0 versiones anteriores a  8.0.15009.0"
    }
  ],
  "id": "CVE-2022-27167",
  "lastModified": "2024-11-21T06:55:19.893",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "security@eset.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-10T20:15:09.407",
  "references": [
    {
      "source": "security@eset.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.eset.com/en/ca8268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.eset.com/en/ca8268"
    }
  ],
  "sourceIdentifier": "security@eset.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-280"
        }
      ],
      "source": "security@eset.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2022-27167

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-27167

Aliases

CVE-2022-27167

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-27167",
    "description": "Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit \"Repair\" and \"Uninstall\" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.",
    "id": "GSD-2022-27167"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-27167"
      ],
      "details": "Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit \"Repair\" and \"Uninstall\" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.",
      "id": "GSD-2022-27167",
      "modified": "2023-12-13T01:19:41.504566Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@eset.com",
        "DATE_PUBLIC": "2022-05-09T13:00:00.000Z",
        "ID": "CVE-2022-27167",
        "STATE": "PUBLIC",
        "TITLE": "Arbitrary File Deletion in ESET products for Windows"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "ESET NOD32 Antivirus",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "11.2",
                          "version_value": "15.1.12.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET Internet Security",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "11.2",
                          "version_value": "15.1.12.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET Smart Security Premium",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "11.2",
                          "version_value": "15.1.12.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET Endpoint Antivirus",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "9.0.2046.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "8.1.2050.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "8.0.2053.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET Endpoint Security",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "9.0.2046.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "8.1.2050.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "8.0.2053.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET Server Security for Microsoft Windows Server",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "8.0",
                          "version_value": " 9.0.12012.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET File Security for Microsoft Windows Server",
                    "version": {
                      "version_data": [
                        {
                          "version_name": "6.0",
                          "version_value": "8.0.12013.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET Mail Security for Microsoft Exchange Server",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "8.0.10020.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET Mail Security for IBM Domino",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "8.0.14011.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ESET Security for Microsoft SharePoint Server",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "6.0",
                          "version_value": "8.0.15009.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "ESET, spol. s r.o."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit \"Repair\" and \"Uninstall\" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-280 Improper Handling of Insufficient Permissions or Privileges"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.eset.com/en/ca8268",
            "refsource": "MISC",
            "url": "https://support.eset.com/en/ca8268"
          }
        ]
      },
      "source": {
        "advisory": "ca8268",
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:eset:smart_security:*:*:*:*:premium:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "15.1.12.0",
                "versionStartIncluding": "11.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:internet_security:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "15.1.12.0",
                "versionStartIncluding": "11.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "15.1.12.0",
                "versionStartIncluding": "11.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.0.2046.0",
                "versionStartIncluding": "9.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.1.2050.0",
                "versionStartIncluding": "8.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.2053.0",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.0.2046.0",
                "versionStartIncluding": "9.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.1.2050.0",
                "versionStartIncluding": "8.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.2053.0",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:security:*:*:*:*:*:sharepoint_server:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.15009.0",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:mail_security:*:*:*:*:*:domino:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.14011.0",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:mail_security:*:*:*:*:*:exchange_server:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.10020.0",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:server_security:*:*:*:*:*:azure:*:*",
                "cpe_name": [],
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:file_security:*:*:*:*:*:windows_server:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.12013.0",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:server_security:*:*:*:*:*:windows_server:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.0.12012.0",
                "versionStartIncluding": "8.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@eset.com",
          "ID": "CVE-2022-27167"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit \"Repair\" and \"Uninstall\" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-755"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.eset.com/en/ca8268",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.eset.com/en/ca8268"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2022-05-18T16:35Z",
      "publishedDate": "2022-05-10T20:15Z"
    }
  }
}

CERTFR-2022-AVI-434

Vulnerability from certfr_avis - Published: 2022-05-10 - Updated: 2022-05-10

De multiples vulnérabilités ont été découvertes dans les produits ESET. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à l'intégrité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium versions 11.2 et suiuvantes antérieures à 15.1.12.0
ESET Endpoint Antivirus and ESET Endpoint Security versions 6.0 et suivantes antérieures à 9.0.2046.0, 8.1.2050.0 et 8.0.2053.0
ESET Server Security for Microsoft Windows Server versions 8.0 et suivantes antérieures à 9.0.12012.0
ESET File Security for Microsoft Windows Server versions 6.0 et suivantes antérieures à 8.0.12013.0
ESET Mail Security for Microsoft Exchange Server versions 6.0 et suivantes antérieures à 8.0.10020.0
ESET Mail Security for IBM Domino versions 6.0 et suivantes antéirieures à 8.0.14011.0
ESET Security for Microsoft SharePoint Server versions 6.0 et suivantes antérieures à 8.0.15009.0
ESET Server Security for Microsoft Azure version 6.0 et suivantes

L'éditeur conseille aux utilisateurs de la solution ESET Server Security for Microsoft Azure de migrer vers ESET Server Security for Microsoft Windows Server.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

CVE-2022-27167

Vulnerability from fstec - Published: 14.03.2022

Title

Уязвимость установщика средств антивирусной защиты ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security, ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Microsoft SharePoint Server, позволяющая нарушителю повысить свои привилегии и удалить произвольные файлы

Description

Уязвимость установщика средств антивирусной защиты ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security, ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Microsoft SharePoint Server связана с некорректной обработкой недостаточных разрешений или привилегий. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии и удалить произвольные файлы

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Vendor

ESET Software

Software Name

ESET NOD32, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security, ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Microsoft SharePoint Server

Software Version

до 15.1.12.0 (ESET NOD32), до 15.1.12.0 (ESET Internet Security), до 15.1.12.0 (ESET Smart Security Premium), до 9.0.2046.0 (ESET Endpoint Antivirus), до 8.1.2050.0 (ESET Endpoint Antivirus), до 9.0.2046.0 (ESET Endpoint Security), до 8.0.2053.0 (ESET Endpoint Security), до 9.0.12012.0 (ESET Server Security for Microsoft Windows Server), до 8.0.12013.0 (ESET File Security for Microsoft Windows Server), до 8.0.10020.0 (ESET Mail Security for Microsoft Exchange Server), до 8.0.14011.0 (ESET Mail Security for IBM Domino), до 8.0.15009.0 (ESET Security for Microsoft SharePoint Server)

Possible Mitigations

Использование рекомендаций: https://support.eset.com/en/ca8268-local-privilege-escalation-vulnerabilities-in-installers-for-eset-products-for-windows-fixed

Reference

https://support.eset.com/en/ca8268-local-privilege-escalation-vulnerabilities-in-installers-for-eset-products-for-windows-fixed https://vuldb.com/?id.199433

CWE

CWE-280

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "ESET Software",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 15.1.12.0 (ESET NOD32), \u0434\u043e 15.1.12.0 (ESET Internet Security), \u0434\u043e 15.1.12.0 (ESET Smart Security Premium), \u0434\u043e 9.0.2046.0 (ESET Endpoint Antivirus), \u0434\u043e 8.1.2050.0 (ESET Endpoint Antivirus), \u0434\u043e 9.0.2046.0 (ESET Endpoint Security), \u0434\u043e 8.0.2053.0 (ESET Endpoint Security), \u0434\u043e 9.0.12012.0 (ESET Server Security for Microsoft Windows Server), \u0434\u043e 8.0.12013.0 (ESET File Security for Microsoft Windows Server), \u0434\u043e 8.0.10020.0 (ESET Mail Security for Microsoft Exchange Server), \u0434\u043e 8.0.14011.0 (ESET Mail Security for IBM Domino), \u0434\u043e 8.0.15009.0 (ESET Security for Microsoft SharePoint Server)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://support.eset.com/en/ca8268-local-privilege-escalation-vulnerabilities-in-installers-for-eset-products-for-windows-fixed",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.03.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "17.05.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.05.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-02987",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-27167",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "ESET NOD32, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security, ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Microsoft SharePoint Server",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a\u0430 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security,  ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Microsoft SharePoint Server, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438  \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u0445 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CWE-280)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a\u0430 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security,  ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Microsoft SharePoint Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u0445 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://support.eset.com/en/ca8268-local-privilege-escalation-vulnerabilities-in-installers-for-eset-products-for-windows-fixed\nhttps://vuldb.com/?id.199433",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-280",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-27167 (GCVE-0-2022-27167)

GHSA-FFXJ-QGWF-8RRM

FKIE_CVE-2022-27167

GSD-2022-27167

CERTFR-2022-AVI-434

Solution

CVE-2022-27167

Tags

Sightings

Nomenclature