CVE-2022-2402

MEDIUM

ESET Endpoint Encryption and Full Disk Encryption - Stack-based Buffer Overflow in dlpfde.sys

Title source: llm

Description

The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://support.eset.com/en/ca8298-vulnerability-fixed-in-eset-endpoint-encryption-and-eset-full-disk-encryption-for-windows

Scores

CVSS v3 6.5

EPSS 0.0019

EPSS Percentile 8.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Details

CWE

CWE-121 CWE-787

Status published

Products (2)

eset/endpoint_encryption < 5.1.2.26

eset/full_disk_encryption < 1.3.2.32

Published Sep 06, 2022

Tracked Since Feb 18, 2026