Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ESET fixed two privilege escalation flaws in its products

ESET addressed two local privilege escalation vulnerabilities in security products for Windows and macOS operating systems. Cybersecurity firm ESET released security patches for two local privilege escalation vulnerabilities impacting Windows and macOS products. The first vulnerability, tracked as CVE-2024-7400 (CVSS score of 7.3), could allow an attacker to misuse ESET’s file operations during the removal […]

ESET Privilege Escalation

ESET addressed two local privilege escalation vulnerabilities in security products for Windows and macOS operating systems.

Cybersecurity firm ESET released security patches for two local privilege escalation vulnerabilities impacting Windows and macOS products.

The first vulnerability, tracked as CVE-2024-7400 (CVSS score of 7.3), could allow an attacker to misuse ESET’s file operations during the removal of a detected file to delete files without having proper permissions to do so.

The vulnerability impacts Windows OS, Positive Technologies Dmitriy Zuzlov reported the issue to ESET.

“The vulnerability in the file operations handling during the removal of a detected file potentially allowed an attacker with an ability to execute low-privileged code on the target system to delete arbitrary files, thus escalating their privileges.” reads the advisory. “ESET fixed the issue in the Cleaner module 1251, which was distributed automatically to ESET customers along with Detection engine updates. No action stemming from this advisory is required to be taken by ESET customers.”

The vulnerability impacts the following programs and versions:

  • ESET File Security for Microsoft Azure
  • ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Security Ultimate
  • ESET Small Business Security and ESET Safe Server
  • ESET Endpoint Antivirus and ESET Endpoint Security for Windows
  • ESET Server Security for Windows Server (formerly File Security for Microsoft Windows Server)
  • ESET Mail Security for Microsoft Exchange Server
  • ESET Mail Security for IBM Domino
  • ESET Security for Microsoft SharePoint Server

The company addressed the flaw with a fix in the Cleaner module 1251, which was automatically distributed. Pre-release users received the update starting August 1, followed by general users from August 12, with full release on August 13. Customers with regularly updated ESET products are automatically patched and need no further action. For new installations, ESET recommends downloading the latest installers from their website or repository.

ESET also addressed a local privilege escalation vulnerability, tracked as CVE-2024-6654 (CVSS score 6.8), in macOS products.

The vulnerability allows a logged user to perform a denial-of-service attack, which could be misused to disable the ESET security product and cause general system slow-down.

“ESET received a report stating that on a machine with the affected ESET product installed, it was possible for a user with low privileges to plant a symlink to a specific location, preventing ESET security product from starting properly.” reads the advisory.

The flaw impacts the following products:

  • ESET Cyber Security 7.0 – 7.4.1600.0
  • ESET Endpoint Antivirus for macOS 7.0 – 7.5.50.0

The company released Cyber Security version 7.5.74.0 and Endpoint Security for macOS version 8.0.7200.0 to address this issue.

The security firm is not aware of public exploits for both vulnerabilities. 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Privilege Escalation)