CVE-2023-2847
Summary
| CVE | CVE-2023-2847 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-06-15 08:15:00 UTC |
| Updated | 2023-07-05 13:28:00 UTC |
| Description | During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privileges due to improper privilege management to trigger actions with root privileges. ESET remedied this possible attack vector and has prepared new builds of its products that are no longer susceptible to this vulnerability. |
Risk And Classification
Problem Types: CWE-269
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Eset | Cyber Security | All | All | All | All |
| Application | Eset | Endpoint Antivirus | All | All | All | All |
| Application | Eset | Endpoint Antivirus | All | All | All | All |
| Application | Eset | Server Security | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [CA8447] Customer Advisory: Local privilege escalation vulnerability in ESET products for Linux and macOS fixed | MISC | support.eset.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.