“An attacker who can achieve SeImpersonatePrivilege rights will be able to exploit the AMSI scan function to elevate the privileges to NT AUTHORITY\SYSTEM.” ESET Mail Security for Microsoft Exchange Server from version 9 to 6.0.ESET Mail Security for IBM Domino from version 8.0 to 4.0.ESET Security for Microsoft SharePoint Server from version 8.0 to 4.0.ESET Server Security for Microsoft Azure from version 6.1002 to 4.1000.ESET Server Security for Microsoft Windows Server 3.0 and 3.1, ESET File Security for Microsoft Windows Server from version 4.0 to 6.0.ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows from version.ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, and ESET Smart Security Premium from version 10.0.337.1 to 15.0.18.0.Here below we have mentioned all the affected programs of ESET along with their respective versions:. FINDING CREDIT: Michael DePlante of Trend Micro’s Zero Day Initiative.DISCLOSURE TIMELINE: – Vulnerability reported to vendor & – Coordinated public release of advisory.DESCRIPTION: ESET Endpoint Antivirus Unnecessary Privileges Local Privilege Escalation Vulnerability.While after detecting and tracking this vulnerability, the ZDI team immediately reported this vulnerability to ESET. The cybersecurity analysts at Zero Day Initiative (ZDI) on November 18, 2021, have identified and tracked vulnerability as “ CVE-2021-37852,” which is marked as critical in terms of severity since it allows the threat actors to exploit the AMSI scanning function. ESET has recently published patches to fix a local privilege escalation vulnerability detected in all the clients of its Windows products that enables the threat actors to escalate privileges and execute arbitrary code.
0 kommentar(er)
