Jump to content

ESET NOD32 Antivirus 17.0.16.0 Privilege Escalation


Go to solution Solved by Marcos,

Recommended Posts

  • Administrators

All paths to services are quoted in ESET v17.1+:

"C:\Program Files\ESET\ESET Security\efwd.exe"

"C:\Program Files\ESET\ESET Security\ekrn.exe"

Link to comment
Share on other sites

9 minutes ago, Marcos said:

این یک باگ 1 ساله است. آخرین نسخه v17.1 است که قبلاً رفع شده است.

No, I discovered this vulnerability in the latest version

Link to comment
Share on other sites

  • Administrators
Just now, Milad Karimi said:

No, I discovered this vulnerability in the latest version

There is no such issue with v17.1.11.

Link to comment
Share on other sites

  • Administrators

In your screenshot the path is quoted so the vulnerability doesn't exist.

Link to comment
Share on other sites

  • Administrators
  • Solution

The Unquoted Service Path vulnerability in Windows occurs when services are installed using paths containing spaces without proper quotation marks. If attackers obtain write permissions in the service's installation directory, they can execute malicious code with elevated privileges.

In your screenshot it is obvious that the path is properly quoted.

Link to comment
Share on other sites

  • Administrators

Moreover, ESET has never used a service named "ESETServiceSvc" with display name "ESET Updater".

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...