Jump to content

ESET NOD32 Antivirus 17.0.16.0 Privilege Escalation


Go to solution Solved by Marcos,

Recommended Posts

  • Administrators

All paths to services are quoted in ESET v17.1+:

"C:\Program Files\ESET\ESET Security\efwd.exe"

"C:\Program Files\ESET\ESET Security\ekrn.exe"

Link to comment
Share on other sites

9 minutes ago, Marcos said:

این یک باگ 1 ساله است. آخرین نسخه v17.1 است که قبلاً رفع شده است.

No, I discovered this vulnerability in the latest version

Link to comment
Share on other sites

  • Administrators
Just now, Milad Karimi said:

No, I discovered this vulnerability in the latest version

There is no such issue with v17.1.11.

Link to comment
Share on other sites

  • Administrators

In your screenshot the path is quoted so the vulnerability doesn't exist.

Link to comment
Share on other sites

  • Administrators
  • Solution

The Unquoted Service Path vulnerability in Windows occurs when services are installed using paths containing spaces without proper quotation marks. If attackers obtain write permissions in the service's installation directory, they can execute malicious code with elevated privileges.

In your screenshot it is obvious that the path is properly quoted.

Link to comment
Share on other sites

  • Administrators

Moreover, ESET has never used a service named "ESETServiceSvc" with display name "ESET Updater".

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...