• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Coyote malware is first-ever malware abusing Windows UI Automation

 | 

SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

 | 

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

 | 

Stealth backdoor found in WordPress mu-Plugins folder

 | 

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

 | 

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

 | 

Sophos fixed two critical Sophos Firewall vulnerabilities

 | 

French Authorities confirm XSS.is admin arrested in Ukraine

 | 

Microsoft linked attacks on SharePoint flaws to China-nexus actors

 | 

Cisco confirms active exploitation of ISE and ISE-PIC flaws

 | 

SharePoint under fire: new ToolShell attacks target enterprises

 | 

CrushFTP zero-day actively exploited at least since July 18

 | 

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

 | 

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

 | 

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

 | 

Microsoft issues emergency patches for SharePoint zero-days exploited in "ToolShell" attacks

 | 

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

 | 

Singapore warns China-linked group UNC3886 targets its critical infrastructure

 | 

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 54

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Security
  • ESET fixed two privilege escalation flaws in its products

ESET fixed two privilege escalation flaws in its products

Pierluigi Paganini September 23, 2024

ESET addressed two local privilege escalation vulnerabilities in security products for Windows and macOS operating systems.

Cybersecurity firm ESET released security patches for two local privilege escalation vulnerabilities impacting Windows and macOS products.

The first vulnerability, tracked as CVE-2024-7400 (CVSS score of 7.3), could allow an attacker to misuse ESET’s file operations during the removal of a detected file to delete files without having proper permissions to do so.

The vulnerability impacts Windows OS, Positive Technologies Dmitriy Zuzlov reported the issue to ESET.

“The vulnerability in the file operations handling during the removal of a detected file potentially allowed an attacker with an ability to execute low-privileged code on the target system to delete arbitrary files, thus escalating their privileges.” reads the advisory. “ESET fixed the issue in the Cleaner module 1251, which was distributed automatically to ESET customers along with Detection engine updates. No action stemming from this advisory is required to be taken by ESET customers.”

The vulnerability impacts the following programs and versions:

  • ESET File Security for Microsoft Azure
  • ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Security Ultimate
  • ESET Small Business Security and ESET Safe Server
  • ESET Endpoint Antivirus and ESET Endpoint Security for Windows
  • ESET Server Security for Windows Server (formerly File Security for Microsoft Windows Server)
  • ESET Mail Security for Microsoft Exchange Server
  • ESET Mail Security for IBM Domino
  • ESET Security for Microsoft SharePoint Server

The company addressed the flaw with a fix in the Cleaner module 1251, which was automatically distributed. Pre-release users received the update starting August 1, followed by general users from August 12, with full release on August 13. Customers with regularly updated ESET products are automatically patched and need no further action. For new installations, ESET recommends downloading the latest installers from their website or repository.

ESET also addressed a local privilege escalation vulnerability, tracked as CVE-2024-6654 (CVSS score 6.8), in macOS products.

The vulnerability allows a logged user to perform a denial-of-service attack, which could be misused to disable the ESET security product and cause general system slow-down.

“ESET received a report stating that on a machine with the affected ESET product installed, it was possible for a user with low privileges to plant a symlink to a specific location, preventing ESET security product from starting properly.” reads the advisory.

The flaw impacts the following products:

  • ESET Cyber Security 7.0 – 7.4.1600.0
  • ESET Endpoint Antivirus for macOS 7.0 – 7.5.50.0

The company released Cyber Security version 7.5.74.0 and Endpoint Security for macOS version 8.0.7200.0 to address this issue.

The security firm is not aware of public exploits for both vulnerabilities. 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Privilege Escalation)


facebook linkedin twitter

Eset Hacking hacking news information security news IT Information Security Pierluigi Paganini privilege escalation Security Affairs Security News

you might also like

Pierluigi Paganini July 24, 2025
Coyote malware is first-ever malware abusing Windows UI Automation
Read more
Pierluigi Paganini July 24, 2025
SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Coyote malware is first-ever malware abusing Windows UI Automation

    Malware / July 24, 2025

    SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

    Security / July 24, 2025

    DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

    Security / July 24, 2025

    Stealth backdoor found in WordPress mu-Plugins folder

    Malware / July 24, 2025

    U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

    Hacking / July 24, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT