CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
26.9%
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\SYSTEM.
Vendor | Product | Version | CPE |
---|---|---|---|
eset | endpoint_antivirus | * | cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:* |
eset | endpoint_security | * | cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:* |
eset | file_security | * | cpe:2.3:a:eset:file_security:*:*:*:*:*:windows_server:*:* |
eset | internet_security | * | cpe:2.3:a:eset:internet_security:*:*:*:*:*:windows:*:* |
eset | mail_security | * | cpe:2.3:a:eset:mail_security:*:*:*:*:*:exchange_server:*:* |
eset | mail_security | * | cpe:2.3:a:eset:mail_security:*:*:*:*:*:domino:*:* |
eset | nod32_antivirus | * | cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:windows:*:* |
eset | security | * | cpe:2.3:a:eset:security:*:*:*:*:*:sharepoint:*:* |
eset | server_security | * | cpe:2.3:a:eset:server_security:*:*:*:*:azure:*:*:* |
eset | server_security | 8.0.12003.0 | cpe:2.3:a:eset:server_security:8.0.12003.0:*:*:*:*:windows_server:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
26.9%