Search
Find a vulnerability
Search criteria
2 vulnerabilities found for ESET File Security for Microsoft Azure by ESET
CVE-2025-4952 (GCVE-0-2025-4952)
Vulnerability from nvd – Published: 2025-10-31 12:28 – Updated: 2025-10-31 14:18
VLAI
Title
Denial-of-service vulnerability in ESET security products for Windows
Summary
Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
1 reference
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| ESET | ESET NOD32 Antivirus |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Internet Security |
Unaffected:
1496
|
|
| ESET | ESET Smart Security Premium |
Unaffected:
1496
|
|
| ESET | ESET Security Ultimate |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Small Business Security |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Safe Server |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Endpoint Antivirus |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Endpoint Security for Windows |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Server Security for Windows Server |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Mail Security for Microsoft Exchange Server |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Mail Security for IBM Domino |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Security for Microsoft SharePoint Server |
Unaffected:
1496
(custom)
|
|
| ESET | ESET File Security for Microsoft Azure |
Unaffected:
1496
(custom)
|
Date Public
2025-08-22 10:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-31T14:18:06.194469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T14:18:16.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"hips"
],
"platforms": [
"Windows"
],
"product": "ESET NOD32 Antivirus",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Internet Security",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Smart Security Premium",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Security Ultimate",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Small Business Security",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Safe Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Endpoint Antivirus",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Endpoint Security for Windows",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Server Security for Windows Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Mail Security for Microsoft Exchange Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Mail Security for IBM Domino",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Security for Microsoft SharePoint Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET File Security for Microsoft Azure",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_nod32_antivirus:1496:*:windows:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_internet_security:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_smart_security_premium:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_security_ultimate:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_small_business_security:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_safe_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_endpoint_antivirus:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_endpoint_security_for_windows:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_server_security_for_windows_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_mail_security_for_microsoft_exchange_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_mail_security_for_ibm_domino:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_security_for_microsoft_sharepoint_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_file_security_for_microsoft_azure:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2025-08-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration.\u003c/span\u003e"
}
],
"value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration."
}
],
"impacts": [
{
"capecId": "CAPEC-203",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-203 Manipulate Registry Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T12:28:15.267Z",
"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"shortName": "ESET"
},
"references": [
{
"url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed"
}
],
"source": {
"advisory": "ca8853",
"discovery": "UNKNOWN"
},
"title": "Denial-of-service vulnerability in ESET security products for Windows",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"assignerShortName": "ESET",
"cveId": "CVE-2025-4952",
"datePublished": "2025-10-31T12:28:15.267Z",
"dateReserved": "2025-05-19T10:36:38.958Z",
"dateUpdated": "2025-10-31T14:18:16.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4952 (GCVE-0-2025-4952)
Vulnerability from cvelistv5 – Published: 2025-10-31 12:28 – Updated: 2025-10-31 14:18
VLAI
Title
Denial-of-service vulnerability in ESET security products for Windows
Summary
Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
1 reference
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
| ESET | ESET NOD32 Antivirus |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Internet Security |
Unaffected:
1496
|
|
| ESET | ESET Smart Security Premium |
Unaffected:
1496
|
|
| ESET | ESET Security Ultimate |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Small Business Security |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Safe Server |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Endpoint Antivirus |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Endpoint Security for Windows |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Server Security for Windows Server |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Mail Security for Microsoft Exchange Server |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Mail Security for IBM Domino |
Unaffected:
1496
(custom)
|
|
| ESET | ESET Security for Microsoft SharePoint Server |
Unaffected:
1496
(custom)
|
|
| ESET | ESET File Security for Microsoft Azure |
Unaffected:
1496
(custom)
|
Date Public
2025-08-22 10:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-31T14:18:06.194469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T14:18:16.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"hips"
],
"platforms": [
"Windows"
],
"product": "ESET NOD32 Antivirus",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Internet Security",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Smart Security Premium",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Security Ultimate",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Small Business Security",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Safe Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Endpoint Antivirus",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Endpoint Security for Windows",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Server Security for Windows Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Mail Security for Microsoft Exchange Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Mail Security for IBM Domino",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET Security for Microsoft SharePoint Server",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS support module"
],
"product": "ESET File Security for Microsoft Azure",
"vendor": "ESET",
"versions": [
{
"status": "unaffected",
"version": "1496",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_nod32_antivirus:1496:*:windows:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_internet_security:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_smart_security_premium:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_security_ultimate:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_small_business_security:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_safe_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_endpoint_antivirus:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_endpoint_security_for_windows:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_server_security_for_windows_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_mail_security_for_microsoft_exchange_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_mail_security_for_ibm_domino:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_security_for_microsoft_sharepoint_server:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:eset_file_security_for_microsoft_azure:1496:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"datePublic": "2025-08-22T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration.\u003c/span\u003e"
}
],
"value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration."
}
],
"impacts": [
{
"capecId": "CAPEC-203",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-203 Manipulate Registry Information"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T12:28:15.267Z",
"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"shortName": "ESET"
},
"references": [
{
"url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed"
}
],
"source": {
"advisory": "ca8853",
"discovery": "UNKNOWN"
},
"title": "Denial-of-service vulnerability in ESET security products for Windows",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"assignerShortName": "ESET",
"cveId": "CVE-2025-4952",
"datePublished": "2025-10-31T12:28:15.267Z",
"dateReserved": "2025-05-19T10:36:38.958Z",
"dateUpdated": "2025-10-31T14:18:16.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}