virus logo FortiClient Vulnerability

Local Privilege Escalation Vulnerability for ESET NOD32 Antivirus

description-logoDescription

A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. This affects ESET NOD32 Antivirus versions 13.2 and lower.

affected-products-logoAffected Applications

ESET NOD32 Antivirus

CVE References

CVE-2020-26941

Other References

https://support.eset.com/en/ca7794-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows
ID 2297
Created Aug 06, 2021
Description
Updated		 Feb 16, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor ESET
Patch manual
Application ESET NOD32 Antivirus