CVE-2022-27167

HIGH

ESET Windows Products < 15.1.12.0 - Privilege Escalation via Repair/Uninstall Features

Title source: llm
STIX 2.1

Description

Privilege escalation vulnerability in Windows products of ESET, spol. s r.o. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. This issue affects: ESET, spol. s r.o. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET, spol. s r.o. ESET Endpoint Antivirus 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Endpoint Security 6.0 versions prior to 9.0.2046.0. ESET, spol. s r.o. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 9.0.12012.0. ESET, spol. s r.o. ESET File Security for Microsoft Windows Server 8.0.12013.0. ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 8.0.10020.0. ESET, spol. s r.o. ESET Mail Security for IBM Domino 6.0 versions prior to 8.0.14011.0. ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 8.0.15009.0.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.eset.com/en/ca8268

Scores

CVSS v3 7.1
EPSS 0.0018
EPSS Percentile 8.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

CWE
CWE-755 CWE-280
Status published
Products (11)
eset/endpoint_antivirus 6.0 - 8.0.2053.0
eset/endpoint_security 6.0 - 8.0.2053.0
eset/file_security 6.0 - 8.0.12013.0
eset/internet_security 11.2 - 15.1.12.0
eset/mail_security 6.0 - 8.0.10020.0
eset/mail_security 6.0 - 8.0.14011.0
eset/nod32_antivirus 11.2 - 15.1.12.0
eset/security 6.0 - 8.0.15009.0
eset/server_security 6.0
eset/server_security 8.0 - 9.0.12012.0
... and 1 more
Published May 10, 2022
Tracked Since Feb 18, 2026