Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for ESET Endpoint Antivirus by ESET

    CVE-2025-4952 (GCVE-0-2025-4952)

    Vulnerability from nvd – Published: 2025-10-31 12:28 – Updated: 2025-10-31 14:18
    VLAI
    Title
    Denial-of-service vulnerability in ESET security products for Windows
    Summary
    Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    Date Public
    2025-08-22 10:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4952",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T14:18:06.194469Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T14:18:16.911Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "hips"
              ],
              "platforms": [
                "Windows"
              ],
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Internet Security",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Smart Security Premium",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Security Ultimate",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Small Business Security",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Safe Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Endpoint Antivirus",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Endpoint Security for Windows",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET File Security for Microsoft Azure",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_nod32_antivirus:1496:*:windows:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_internet_security:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_smart_security_premium:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_security_ultimate:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_small_business_security:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_safe_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_endpoint_antivirus:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_endpoint_security_for_windows:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_server_security_for_windows_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_mail_security_for_microsoft_exchange_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_mail_security_for_ibm_domino:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_security_for_microsoft_sharepoint_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_file_security_for_microsoft_azure:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "datePublic": "2025-08-22T10:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration.\u003c/span\u003e"
                }
              ],
              "value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-203",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-203 Manipulate Registry Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T12:28:15.267Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed"
            }
          ],
          "source": {
            "advisory": "ca8853",
            "discovery": "UNKNOWN"
          },
          "title": "Denial-of-service vulnerability in ESET security products for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2025-4952",
        "datePublished": "2025-10-31T12:28:15.267Z",
        "dateReserved": "2025-05-19T10:36:38.958Z",
        "dateUpdated": "2025-10-31T14:18:16.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4952 (GCVE-0-2025-4952)

    Vulnerability from cvelistv5 – Published: 2025-10-31 12:28 – Updated: 2025-10-31 14:18
    VLAI
    Title
    Denial-of-service vulnerability in ESET security products for Windows
    Summary
    Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    Date Public
    2025-08-22 10:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4952",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T14:18:06.194469Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T14:18:16.911Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "hips"
              ],
              "platforms": [
                "Windows"
              ],
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Internet Security",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Smart Security Premium",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Security Ultimate",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Small Business Security",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Safe Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Endpoint Antivirus",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Endpoint Security for Windows",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET File Security for Microsoft Azure",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_nod32_antivirus:1496:*:windows:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_internet_security:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_smart_security_premium:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_security_ultimate:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_small_business_security:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_safe_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_endpoint_antivirus:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_endpoint_security_for_windows:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_server_security_for_windows_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_mail_security_for_microsoft_exchange_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_mail_security_for_ibm_domino:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_security_for_microsoft_sharepoint_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_file_security_for_microsoft_azure:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "datePublic": "2025-08-22T10:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration.\u003c/span\u003e"
                }
              ],
              "value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-203",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-203 Manipulate Registry Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T12:28:15.267Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed"
            }
          ],
          "source": {
            "advisory": "ca8853",
            "discovery": "UNKNOWN"
          },
          "title": "Denial-of-service vulnerability in ESET security products for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2025-4952",
        "datePublished": "2025-10-31T12:28:15.267Z",
        "dateReserved": "2025-05-19T10:36:38.958Z",
        "dateUpdated": "2025-10-31T14:18:16.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    JVNDB-2016-008013

    Vulnerability from jvndb - Published: 2022-02-07 14:18 - Updated:2022-02-07 14:18
    Severity
    Summary
    Multiple ESET products for macOS vulnerable to improper server certificate verification
    Details
    Multiple ESET products for macOS are vulnerable to improper server certificate verification (CWE-295). KOBAYASHI Yasuyuki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-008013.html",
      "dc:date": "2022-02-07T14:18+09:00",
      "dcterms:issued": "2022-02-07T14:18+09:00",
      "dcterms:modified": "2022-02-07T14:18+09:00",
      "description": "Multiple ESET products for macOS are vulnerable to improper server certificate verification (CWE-295).\r\n\r\nKOBAYASHI Yasuyuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-008013.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:eset:cyber_security",
          "@product": "ESET Cyber Security",
          "@vendor": "ESET",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:eset:endpoint_antivirus",
          "@product": "ESET Endpoint Antivirus",
          "@vendor": "ESET",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:eset:endpoint_security",
          "@product": "ESET Endpoint Security",
          "@vendor": "ESET",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "4.0",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-008013",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN95898697/index.html",
          "@id": "JVN#95898697",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2016-9892",
          "@id": "CVE-2016-9892",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-9892",
          "@id": "CVE-2016-9892",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Multiple ESET products for macOS vulnerable to improper server certificate verification"
    }

    JVNDB-2021-000098

    Vulnerability from jvndb - Published: 2021-10-29 14:58 - Updated:2021-10-29 14:58
    Severity
    Summary
    ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS)
    Details
    ESET Cyber Security and ESET Endpoint series are antivirus software. ESET Cyber Security and ESET Endpoint series for macOS contain a denial-of-service (DoS) vulnerability (CWE-404). Zhou Tingrui of Kaijo Junior & Senior High School reported this vulnerability to the developer and IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000098.html",
      "dc:date": "2021-10-29T14:58+09:00",
      "dcterms:issued": "2021-10-29T14:58+09:00",
      "dcterms:modified": "2021-10-29T14:58+09:00",
      "description": "ESET Cyber Security and ESET Endpoint series are antivirus software. ESET Cyber Security and ESET Endpoint series for macOS contain a denial-of-service (DoS) vulnerability (CWE-404).\r\n\r\nZhou Tingrui of Kaijo Junior \u0026 Senior High School reported this vulnerability to the developer and IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-000098.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:eset:cyber_security",
          "@product": "ESET Cyber Security",
          "@vendor": "ESET",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:eset:endpoint_antivirus",
          "@product": "ESET Endpoint Antivirus",
          "@vendor": "ESET",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:eset:endpoint_security",
          "@product": "ESET Endpoint Security",
          "@vendor": "ESET",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "1.7",
          "@severity": "Low",
          "@type": "Base",
          "@vector": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
          "@version": "2.0"
        },
        {
          "@score": "5.5",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2021-000098",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN60553023/index.html",
          "@id": "JVN#60553023",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37850",
          "@id": "CVE-2021-37850",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-37850",
          "@id": "CVE-2021-37850",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS)"
    }