Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-7400

Sept. 30, 2024, 12:46 p.m.

Product(s) Impacted

ESET Antivirus

Description

The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so.

Weaknesses

CWE-1386
Insecure Operation on Windows Junction / Mount Point

The product opens a file or directory, but it does not properly prevent the name from being associated with a junction or mount point to a destination that is outside of the intended control sphere.

CWE ID: 1386

Date

Published: Sept. 27, 2024, 7:15 a.m.

Last Modified: Sept. 30, 2024, 12:46 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@eset.com

References

https://support.eset.com/ security@eset.com