CVE-2022-27167 Information

Description

Privilege escalation vulnerability in Windows products of ESET spol. s r.o. allows attacker to exploit \Repair\ and uninstall\ features what may lead to arbitrary file deletion. This issue affects: ESET spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Reference

https://support.eset.com/en/ca8268

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.1