ESET Patches Privilege Escalation Flaws in Windows and macOS Products

ESET has resolved two privilege escalation vulnerabilities in its products for Windows and macOS operating systems. These vulnerabilities allowed attackers to gain unauthorized access to system resources.

The first vulnerability, identified as CVE-2024-7400 and rated 7.3 on the CVSS scale, affects Windows products. It permits an attacker to delete files without the necessary permissions by exploiting the operation for removing detected malicious files.

This vulnerability was discovered by Dmitry Zuzlov of Positive Technologies. The fix was implemented in the Cleaner module version 1251, which automatically updated for all ESET customers.

CVE-2024-7400 impacted several of the company’s products, including ESET NOD32 Antivirus, ESET Internet Security, ESET Endpoint Security, as well as server solutions like ESET File Security for Microsoft Azure and ESET Mail Security for Microsoft Exchange Server.

The Cleaner module update was released on August 1 for test users and on August 12 for the general user base. Customers who regularly update their ESET products need take no further action. For new installations, it is recommended to download the latest versions from the official website.

The second vulnerability, designated CVE-2024-6654 (scored 6.8 on the CVSS scale), affects macOS products. It allows a low-privileged user to execute a denial-of-service (DoS) attack, potentially disabling the ESET antivirus product and slowing down system performance. The issue stems from the ability to create a symbolic link to a specific directory, which disrupts the proper loading of the antivirus.

This vulnerability affected versions 7.0-7.4 of ESET Cyber Security and ESET Endpoint Antivirus for macOS. Updates have been released to versions 7.5.74.0 and 8.0.7200.0, respectively. As of now, ESET has no evidence of public exploits targeting these vulnerabilities.