CVE-2023-3160 (GCVE-0-2023-3160)
Vulnerability from cvelistv5
Published
2023-08-14 09:27
Modified
2024-10-09 20:04
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-269 - Improper Privilege Management
Summary
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.
References
Impacted products
Vendor Product Version
ESET, spol. s r.o. ESET NOD32 Antivirus Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:48:07.675Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.eset.com/en/ca8466"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3160",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-09T20:03:59.300075Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-09T20:04:15.607Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET NOD32 Antivirus",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET Internet Security",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET Smart Security Premium",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET Endpoint Antivirus",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET Endpoint Security",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET Server Security for Windows Server (File Security)",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET Mail Security for Microsoft Exchange Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET Mail Security for IBM Domino",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "HIPS"
          ],
          "product": "ESET Security for Microsoft SharePoint Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "status": "unaffected",
              "version": "1463"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nThe vulnerability potentially allows an attacker to misuse ESET\u2019s file operations during the module update to delete or move files without having proper permissions."
            }
          ],
          "value": "\nThe vulnerability potentially allows an attacker to misuse ESET\u2019s file operations during the module update to delete or move files without having proper permissions."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-14T09:27:02.427Z",
        "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "shortName": "ESET"
      },
      "references": [
        {
          "url": "https://support.eset.com/en/ca8466"
        }
      ],
      "source": {
        "advisory": "ca8466",
        "discovery": "EXTERNAL"
      },
      "title": "Local privilege escalation in security products for Windows",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
    "assignerShortName": "ESET",
    "cveId": "CVE-2023-3160",
    "datePublished": "2023-08-14T09:27:02.427Z",
    "dateReserved": "2023-06-08T08:28:28.513Z",
    "dateUpdated": "2024-10-09T20:04:15.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-3160\",\"sourceIdentifier\":\"security@eset.com\",\"published\":\"2023-08-14T10:15:09.503\",\"lastModified\":\"2024-11-21T08:16:35.520\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nThe vulnerability potentially allows an attacker to misuse ESET\u2019s file operations during the module update to delete or move files without having proper permissions.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@eset.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@eset.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"2B76C798-A8F7-4705-B85A-98CE4C44AC53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81593DEE-54D7-49D5-9AE6-20B7E2B0AF8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2CAD248-1F32-4459-A530-8706E334C67F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*\",\"matchCriteriaId\":\"5043B5B1-38B2-4621-B738-A79E5DF8D98E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*\",\"matchCriteriaId\":\"DE40A56E-EBC0-43C8-85FB-868802B4817F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:nod32:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82540E3B-B426-424F-A6FD-C0AAB596389A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*\",\"matchCriteriaId\":\"D6CCDFB5-D27D-40F5-9BFC-274DA84783E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*\",\"matchCriteriaId\":\"74BC745B-A4C5-4EAE-B985-78FDA3C40516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"375F46B4-9FDF-48FB-935A-8BB6FEF5221A\"}]}]}],\"references\":[{\"url\":\"https://support.eset.com/en/ca8466\",\"source\":\"security@eset.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.eset.com/en/ca8466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.eset.com/en/ca8466\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T06:48:07.675Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3160\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-09T20:03:59.300075Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-09T20:04:07.571Z\"}}], \"cna\": {\"title\": \"Local privilege escalation in security products for Windows\", \"source\": {\"advisory\": \"ca8466\", \"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET NOD32 Antivirus\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Internet Security\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Smart Security Premium\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Endpoint Antivirus\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Endpoint Security\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Server Security for Windows Server (File Security)\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Mail Security for Microsoft Exchange Server\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Mail Security for IBM Domino\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Security for Microsoft SharePoint Server\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://support.eset.com/en/ca8466\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\nThe vulnerability potentially allows an attacker to misuse ESET\\u2019s file operations during the module update to delete or move files without having proper permissions.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nThe vulnerability potentially allows an attacker to misuse ESET\\u2019s file operations during the module update to delete or move files without having proper permissions.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"4a9b9929-2450-4021-b7b9-469a0255b215\", \"shortName\": \"ESET\", \"dateUpdated\": \"2023-08-14T09:27:02.427Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-3160\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-09T20:04:15.607Z\", \"dateReserved\": \"2023-06-08T08:28:28.513Z\", \"assignerOrgId\": \"4a9b9929-2450-4021-b7b9-469a0255b215\", \"datePublished\": \"2023-08-14T09:27:02.427Z\", \"assignerShortName\": \"ESET\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.