QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-27167

Back to search

CVE-2022-27167

Published: May 10, 2022

Modified: Sep 16, 2024

PUBLISHED

CVSS v3.1

7.1

HIGH

Description

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.

VendorProductVersions

ESET, spol. s r.o.

ESET NOD32 Antivirus

affected
11.2 - < 15.1.12.0

ESET, spol. s r.o.

ESET Internet Security

affected
11.2 - < 15.1.12.0

ESET, spol. s r.o.

ESET Smart Security Premium

affected
11.2 - < 15.1.12.0

ESET, spol. s r.o.

ESET Endpoint Antivirus

affected
6.0 - < 9.0.2046.0

ESET, spol. s r.o.

ESET Endpoint Security

affected
6.0 - < 9.0.2046.0

ESET, spol. s r.o.

ESET Server Security for Microsoft Windows Server

affected
8.0 - < 9.0.12012.0

ESET, spol. s r.o.

ESET File Security for Microsoft Windows Server

affected
6.0 8.0.12013.0

ESET, spol. s r.o.

ESET Mail Security for Microsoft Exchange Server

affected
6.0 - < 8.0.10020.0

ESET, spol. s r.o.

ESET Mail Security for IBM Domino

affected
6.0 - < 8.0.14011.0

ESET, spol. s r.o.

ESET Security for Microsoft SharePoint Server

affected
6.0 - < 8.0.15009.0

Weaknesses (CWE)

CWE-280

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now