On February 8, 2024, ESET updated some of its antivirus products at short notice. The information about a vulnerability was "on hold" until February 14, 2024. ESET has now published a security advisory confirming a Local Privilege Escalation vulnerability in ESET products. This vulnerability was fixed by the updates announced on February 8th.
I reported on the updates on February 8, 2024, in the article Important ESET product updates available (Feb. 8, 2024). ESET has released an important product update for its Windows product line ESET Endpoint Antivirus/Security. The update fixes a vulnerability that will not be disclosed in an advisory until February 14, 2024. The relevant updates are listed in the linked article. ESET Endpoint solutions for Windows in version 11 are not affected by the vulnerability.
Disclosure of the vulnerability
On February 14, 2024, ESET published the document [CA8612] ESET Customer Advisory: Link Following Local Privilege Escalation Vulnerability in ESET products for Windows fixed as a warning. ESET was informed by the Zero Day Initiative (ZDI) about a vulnerability that leads to local privilege escalation. The vulnerability CVE-2024-035 allows an attacker to abuse the file operations performed by ESET's real-time file system protection to delete files without proper authorization.
The vulnerability lies in the handling of file operations performed by the real-time file system protection on the Windows operating system. It allows an attacker capable of executing low-privileged code on the target system to potentially delete arbitrary files as NT AUTHORITY\SYSTEM and thereby escalate their privileges. The CVSS v3.1 score is given as 7.8. As far as is known, this vulnerability has not yet been exploited in the wild. The following products are affected:
- ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Security Ultimate 16.2.15.0 and earlier
- ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows 10.1.2058.0, 10.0.2049.0, 9.1.2066.0, 8.1.2052.0 and earlier from the respective version family
- ESET Server Security for Windows Server (formerly File Security for Microsoft Windows Server) 10.0.12014.0, 9.0.12018.0, 8.0.12015.0, 7.3.12011.0 and earlier from the respective version family
- ESET Mail Security for Microsoft Exchange Server 10.1.10010.0, 10.0.10017.0, 9.0.10011.0, 8.0.10022.0, 7.3.10014.0 and earlier from the respective version family
- ESET Mail Security for IBM Domino 10.0.14006.0, 9.0.14007.0, 8.0.14010.0, 7.3.14004.0 and earlier from the respective version family
- ESET Security for Microsoft SharePoint Server 10.0.15004.0, 9.0.15005.0, 8.0.15011.0, 7.3.15004.0 and earlier from the respective version family
- ESET File Security for Microsoft Azure (all versions)
ESET has prepared fixed builds of its consumer, business and server security products for the Windows operating system and recommends updating to them or planning to update in the near future. The fixed builds are available in the download section or via the ESET repository.
- ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Security Ultimate 17.0.10.0 and later
- ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows 11.0.2032.0, 10.1.2063.0, 10.0.2052.0, 9.1.2071.0, 8.1.2062.0 and later from the respective version family
- ESET Server Security for Windows Server (formerly File Security for Microsoft Windows Server) 10.0.12015.0, 9.0.12019.0, 8.0.12016.0, 7.3.12013.0 and later from the respective version family
- ESET Mail Security for Microsoft Exchange Server 10.1.10014.0, 10.0.10018.0, 9.0.10012.0, 8.0.10024.0, 7.3.10018.0 and later from the respective version family
- ESET Mail Security for IBM Domino 10.0.14007.0, 9.0.14008.0, 8.0.14014.0, 7.3.14006.0 and later from the respective version family
- ESET Security for Microsoft SharePoint Server 10.0.15005.0, 9.0.15006.0, 8.0.15012.0, 7.3.15006.0 and later from the respective version family
- ESET File Security for Microsoft Azure customers should migrate to the latest version of ESET Server Security for Microsoft Windows Server
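Because the fixed builds are given per version family, a plain "version is at least X" comparison misclassifies hosts (10.1.2058.0 is numerically higher than the fixed 10.0.2052.0 but is still affected). The following sketch is an added example, not ESET's or the author's code: it triages an inventory against the lists above. The product keys, host names and sample inventory are constructed assumptions, and families the lists do not name are returned for manual review.

```python
# Added example: triage installed ESET builds against the fixed builds listed above.
# Product keys ("endpoint", "server", ...) are hypothetical short names for this sketch.
FIXED = {
    "consumer": ["17.0.10.0"],
    "endpoint": ["11.0.2032.0", "10.1.2063.0", "10.0.2052.0", "9.1.2071.0", "8.1.2062.0"],
    "server": ["10.0.12015.0", "9.0.12019.0", "8.0.12016.0", "7.3.12013.0"],
    "mail_exchange": ["10.1.10014.0", "10.0.10018.0", "9.0.10012.0", "8.0.10024.0", "7.3.10018.0"],
    "mail_domino": ["10.0.14007.0", "9.0.14008.0", "8.0.14014.0", "7.3.14006.0"],
    "sharepoint": ["10.0.15005.0", "9.0.15006.0", "8.0.15012.0", "7.3.15006.0"],
    "azure_file": [],  # all versions affected; migrate to ESET Server Security
}

def parse(version):
    """'10.1.2058.0' -> (10, 1, 2058, 0) so builds compare numerically."""
    return tuple(int(part) for part in version.strip().split("."))

def triage(product, version):
    """Return 'fixed', 'vulnerable' or 'review' for one installed build."""
    fixed = [parse(f) for f in FIXED[product]]
    if not fixed:
        return "vulnerable"
    installed = parse(version)
    if product == "consumer":
        # One fixed line is listed for the consumer products, no per-family builds.
        return "fixed" if installed >= fixed[0] else "vulnerable"
    # Business/server products: compare only within the same major.minor family.
    by_family = {f[:2]: f for f in fixed}
    target = by_family.get(installed[:2])
    if target is None:
        return "review"  # family not named in the advisory lists; check manually
    return "fixed" if installed >= target else "vulnerable"

def triage_inventory(rows):
    """rows: iterable of (host, product, version); returns hosts needing action."""
    return [(h, p, v, s) for h, p, v in rows if (s := triage(p, v)) != "fixed"]

# Constructed sample inventory (host names and installed builds are made up).
SAMPLE = [
    ("ws-01", "endpoint", "10.1.2058.0"),
    ("ws-02", "endpoint", "10.0.2052.0"),
    ("srv-01", "server", "7.3.12011.0"),
    ("home-01", "consumer", "16.2.15.0"),
    ("srv-02", "azure_file", "7.3.12006.0"),
]

if __name__ == "__main__":
    for row in triage_inventory(SAMPLE):
        print(*row)
```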