Description
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call.
References (2)
Core 2
Core References
Exploit x_refsource_misc
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Aug/52
Scores
EPSS
0.0131
EPSS Percentile
67.2%
Details
CWE
CWE-20
Status
published
Products (14)
eset/endpoint_security
5.0.2113
eset/endpoint_security
5.0.2122
eset/endpoint_security
5.0.2126
eset/endpoint_security
5.0.2214
eset/endpoint_security
5.0.2225
eset/endpoint_security
5.0.2228
eset/smart_security
5.0.94
eset/smart_security
5.0.95
eset/smart_security
5.2.9
eset/smart_security
5.2.15
... and 4 more
Published
Sep 23, 2014
Tracked Since
Feb 18, 2026