CVE-2025-5028

Published: Jul 11, 2025

Modified: Jul 11, 2025

PUBLISHED

Description

Installation file of ESET security products on Windows allow an attacker to misuse to delete an arbitrary file without having the permissions to do so.

Vendor	Product	Versions
ESET, spol. s.r.o	ESET NOD32 Antivirus	affected `0 - <= 18.1.13.0`
ESET, spol. s.r.o	ESET Internet Security	affected `0 - <= 18.1.13.0`
ESET, spol. s.r.o	ESET Smart Security Premium	affected `0 - <= 18.1.13.0`
ESET, spol. s.r.o	ESET Security Ultimate	affected `0 - <= 18.1.13.0`
ESET, spol. s.r.o	ESET Endpoint Antivirus for Windows	affected `0 - <= 12.0.2049.0` affected `0 - <= 11.1.2059.0`
ESET, spol. s.r.o	ESET Endpoint Security for Windows	affected `0 - <= 12.0.2049.0` affected `0 - <= 11.1.2059.0`
ESET, spol. s.r.o	ESET Small Business Security	affected `0 - <= 18.1.13.0`
ESET, spol. s.r.o	ESET Safe Server	affected `0 - <= 18.1.13.0`

Weaknesses (CWE)

CWE-269

References

https://support.eset.com/en/ca8838-arbitrary-file-deletion-vulnerability-in-eset-product-installers-on-windows-fixed

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-5028

Description

Affected Products

Weaknesses (CWE)

References