ESET Users Vulnerable: Address CVE-2024-0353 Immediately
ESET, a cybersecurity firm, recently addressed a vulnerability across several of its antivirus products for the Windows operating system. The flaw, designated CVE-2024-0353 and rated 7.8 on the CVSS scale, pertains to the potential for local privilege escalation.
Reported through the Zero Day Initiative (ZDI), the vulnerability stems from the way the real-time file system protection component of ESET products performs file operations. Successful exploitation allows a local attacker to delete user files they are not authorized to delete.
The software susceptible to this vulnerability includes:
- ESET NOD32 Antivirus, Internet Security, Smart Security Premium, Security Ultimate 16.2.15.0 and earlier versions;
- ESET Endpoint Antivirus for Windows and Endpoint Security for Windows 10.1.2058.0, 10.0.2049.0, 9.1.2066.0, 8.1.2052.0, and earlier versions from the respective version families;
- ESET Server Security for Windows Server 10.0.12014.0, 9.0.12018.0, 8.0.12015.0, 7.3.12011.0, and earlier versions from the respective version families;
- ESET Mail Security for Microsoft Exchange Server 10.1.10010.0, 10.0.10017.0, 9.0.10011.0, 8.0.10022.0, 7.3.10014.0, and earlier versions from the respective version families;
- ESET Mail Security for IBM Domino 10.0.14006.0, 9.0.14007.0, 8.0.14010.0, 7.3.14004.0, and earlier versions from the respective version families;
- ESET Security for Microsoft SharePoint Server 10.0.15004.0, 9.0.15005.0, 8.0.15011.0, 7.3.15004.0, and earlier versions from the respective version families;
- ESET File Security for Microsoft Azure (all versions).
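To make the list above usable against a software inventory, here is an added Python triage script (not ESET's own code). It assumes that "version family" means the major.minor prefix of a version number, and its sample inventory and host names are constructed.

```python
# Version ceilings copied from the advisory above. True means the advisory's
# "and earlier versions from the respective version families" wording applies:
# a build is compared only with the ceiling sharing its major.minor family
# (that reading of "family" is an assumption). None means all versions.
ENDPOINT = ["10.1.2058.0", "10.0.2049.0", "9.1.2066.0", "8.1.2052.0"]
ADVISORY = {
    "ESET NOD32 Antivirus": (["16.2.15.0"], False),
    "ESET Internet Security": (["16.2.15.0"], False),
    "ESET Smart Security Premium": (["16.2.15.0"], False),
    "ESET Security Ultimate": (["16.2.15.0"], False),
    "ESET Endpoint Antivirus for Windows": (ENDPOINT, True),
    "ESET Endpoint Security for Windows": (ENDPOINT, True),
    "ESET Server Security for Windows Server":
        (["10.0.12014.0", "9.0.12018.0", "8.0.12015.0", "7.3.12011.0"], True),
    "ESET Mail Security for Microsoft Exchange Server":
        (["10.1.10010.0", "10.0.10017.0", "9.0.10011.0", "8.0.10022.0", "7.3.10014.0"], True),
    "ESET Mail Security for IBM Domino":
        (["10.0.14006.0", "9.0.14007.0", "8.0.14010.0", "7.3.14004.0"], True),
    "ESET Security for Microsoft SharePoint Server":
        (["10.0.15004.0", "9.0.15005.0", "8.0.15011.0", "7.3.15004.0"], True),
    "ESET File Security for Microsoft Azure": (None, False),
}

def parse_version(text):
    return tuple(int(part) for part in text.strip().split("."))  # numeric compare

def status(product, version):
    # Returns 'affected', 'fixed', 'unlisted-family' or 'not-covered'.
    entry = ADVISORY.get(product)
    if entry is None:
        return "not-covered"
    ceilings, per_family = entry
    if ceilings is None:
        return "affected"
    installed = parse_version(version)
    candidates = [parse_version(c) for c in ceilings]
    if per_family:
        candidates = [c for c in candidates if c[:2] == installed[:2]]
        if not candidates:
            return "unlisted-family"  # family not named in the advisory; verify by hand
    return "affected" if any(installed <= c for c in candidates) else "fixed"

def triage(inventory_csv):
    # One "host,product,version" line per install -> list of (host, status).
    rows = [line.split(",", 2) for line in inventory_csv.strip().splitlines()]
    return [(h.strip(), status(p.strip(), v)) for h, p, v in rows]

# Constructed sample inventory with hypothetical hosts, not data from the advisory.
SAMPLE = """ws01,ESET Endpoint Security for Windows,10.1.2058.0
ws02,ESET Endpoint Security for Windows,10.1.2059.0
srv01,ESET Server Security for Windows Server,9.0.12020.0
az01,ESET File Security for Microsoft Azure,1.0.0.0"""
```

Installs reported as "unlisted-family" (for example a family newer than any listed) or "not-covered" need a manual check against the vendor's advisory rather than being treated as patched.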
The company has released security updates for all the aforementioned products, except those whose support period has already expired. ESET strongly advises users to update their software as soon as possible.
Vulnerabilities in security products pose a distinct threat, because such software runs with elevated privileges and is trusted unconditionally by end users.
It is worth noting that in December, ESET had already fixed another vulnerability in its products, CVE-2023-5594 (rated CVSS 7.5), affecting the secure traffic scanning function. Its successful exploitation allowed web browsers to trust websites whose certificates were signed with obsolete and insecure algorithms.