CVE-2022-27167

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
ESETCNA
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
VendorProductVersion
esetendpoint_antivirus
6.0 ≤
𝑥
< 8.0.2053.0
esetendpoint_antivirus
8.1 ≤
𝑥
< 8.1.2050.0
esetendpoint_antivirus
9.0 ≤
𝑥
< 9.0.2046.0
esetendpoint_security
6.0 ≤
𝑥
< 8.0.2053.0
esetendpoint_security
8.1 ≤
𝑥
< 8.1.2050.0
esetendpoint_security
9.0 ≤
𝑥
< 9.0.2046.0
esetfile_security
6.0 ≤
𝑥
< 8.0.12013.0
esetinternet_security
11.2 ≤
𝑥
< 15.1.12.0
esetmail_security
6.0 ≤
𝑥
< 8.0.10020.0
esetmail_security
6.0 ≤
𝑥
< 8.0.14011.0
esetnod32_antivirus
11.2 ≤
𝑥
< 15.1.12.0
esetsecurity
6.0 ≤
𝑥
< 8.0.15009.0
esetserver_security
6.0 ≤
esetserver_security
8.0 ≤
𝑥
< 9.0.12012.0
esetsmart_security
11.2 ≤
𝑥
< 15.1.12.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.eset.com/en/ca8268
https://support.eset.com/en/ca8268