Japan Vulnerability NotesJVN:60553023JVN#60553023: ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS)
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
12.7%
ESET Cyber Security and ESET Endpoint series are antivirus software. ESET Cyber Security and ESET Endpoint series for macOS contain a denial-of-service (DoS) vulnerability (CWE-404).
Impact
If it is exploited, an attacker may cause a denial-of-service (DoS) to stop the applications and all daemons of the affected products.
Solution
Update the software
Update the software to the latest version according to the information provided by the developer.
The developer has released the versions listed below that address the vulnerability.
- ESET Cyber Security 6.11.2.0
- ESET Cyber Security Pro 6.11.2.0
- ESET Endpoint Antivirus for macOS 6.11.1.0
- ESET Endpoint Security for macOS 6.11.1.0
Products Affected
- ESET Cyber Security 6.10.700 and earlier
- ESET Cyber Security Pro 6.10.700 and earlier
- ESET Endpoint Antivirus for macOS 6.10.910.0 and earlier
- ESET Endpoint Security for macOS 6.10.910.0 and earlier
Related
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
12.7%