Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-0353
PUBLISHED
More InfoOfficial Page
Assigner-ESET
Assigner Org ID-4a9b9929-2450-4021-b7b9-469a0255b215
View Known Exploited Vulnerability (KEV) details
Published At-15 Feb, 2024 | 07:40
Updated At-10 Dec, 2025 | 19:33
Rejected At-
▼CVE Numbering Authority (CNA)
Local privilege escalation in Windows products

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.

Affected Products
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET NOD32 Antivirus
Default Status
unaffected
Versions
Affected
  • From 0 through 16.2.15.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Internet Security
Default Status
unaffected
Versions
Affected
  • From 0 through 16.2.15.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Smart Security Premium
Default Status
unaffected
Versions
Affected
  • From 0 through 16.2.15.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Security Ultimate
Default Status
unaffected
Versions
Affected
  • From 0 through 16.2.15.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Endpoint Antivirus for Windows
Default Status
unaffected
Versions
Affected
  • From 0 through 10.1.2058.0 (custom)
  • From 0 through 10.0.2049.0 (custom)
  • From 0 through 9.1.2066.0 (custom)
  • From 0 through 8.1.2052.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Endpoint Security for Windows
Default Status
unaffected
Versions
Affected
  • From 0 through 10.1.2058.0 (custom)
  • From 0 through 10.0.2049.0 (custom)
  • From 0 through 9.1.2066.0 (custom)
  • From 0 through 8.1.2052.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Server Security for Windows Server
Default Status
unaffected
Versions
Affected
  • From 0 through 10.0.12014.0 (custom)
  • From 0 through 9.0.12018.0 (custom)
  • From 0 through 8.0.12015.0 (custom)
  • From 0 through 7.3.12011.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Mail Security for Microsoft Exchange Server
Default Status
unaffected
Versions
Affected
  • From 0 through 10.1.10010.0 (custom)
  • From 0 through 10.0.10017.0 (custom)
  • From 0 through 9.0.10011.0 (custom)
  • From 0 through 8.0.10022.0 (custom)
  • From 0 through 7.3.10014.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Mail Security for IBM Domino
Default Status
unaffected
Versions
Affected
  • From 0 through 10.0.14006.0 (custom)
  • From 0 through 9.0.14007.0 (custom)
  • From 0 through 8.0.14010.0 (custom)
  • From 0 through 7.3.14004.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET Security for Microsoft SharePoint Server
Default Status
unaffected
Versions
Affected
  • From 0 through 10.0.15004.0 (custom)
  • From 0 through 9.0.15005.0 (custom)
  • From 0 through 8.0.15011.0 (custom)
  • From 0 through 7.3.15004.0 (custom)
Vendor
ESET, spol. s r. o.ESET, spol. s r.o.
Product
ESET File Security for Microsoft Azure
Default Status
unaffected
Versions
Affected
  • From 0 through all versions (custom)
Problem Types
TypeCWE IDDescription
CWECWE-269CWE-269 Improper Privilege Management
Type: CWE
CWE ID: CWE-269
Description: CWE-269 Improper Privilege Management
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-233CAPEC-233 Privilege Escalation
CAPEC ID: CAPEC-233
Description: CAPEC-233 Privilege Escalation
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed
N/A
Hyperlink: https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://packetstormsecurity.com/files/182464/ESET-NOD32-Antivirus-18.0.12.0-Unquoted-Service-Path.html
N/A
https://packetstormsecurity.com/files/179495/ESET-NOD32-Antivirus-17.2.7.0-Unquoted-Service-Path.html
N/A
https://www.exploit-db.com/exploits/51351
N/A
https://www.exploit-db.com/exploits/51964
N/A
https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed
x_transferred
Hyperlink: https://packetstormsecurity.com/files/182464/ESET-NOD32-Antivirus-18.0.12.0-Unquoted-Service-Path.html
Resource: N/A
Hyperlink: https://packetstormsecurity.com/files/179495/ESET-NOD32-Antivirus-17.2.7.0-Unquoted-Service-Path.html
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/51351
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/51964
Resource: N/A
Hyperlink: https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
ESET, spol. s r. o.eset
Product
nod32_antivirus
CPEs
  • cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 16.2.15.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
internet_security
CPEs
  • cpe:2.3:a:eset:internet_security:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 16.2.15.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
smart_security_premium
CPEs
  • cpe:2.3:a:eset:smart_security_premium:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 16.2.15.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
security_ultimate
CPEs
  • cpe:2.3:a:eset:security_ultimate:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 16.2.15.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
endpoint_antivirus
CPEs
  • cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:windows:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 10.1.2058.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
endpoint_security
CPEs
  • cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:windows:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 10.1.2058.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
server_security
CPEs
  • cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 10.0.12014.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
mail_security
CPEs
  • cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 10.1.10010.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
mail_security
CPEs
  • cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 10.0.14006.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
security
CPEs
  • cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*
Default Status
unknown
Versions
Affected
  • From 0 through 10.0.15004.0 (custom)
Vendor
ESET, spol. s r. o.eset
Product
file_security
CPEs
  • cpe:2.3:a:eset:file_security:-:*:*:*:*:azure:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found