CVE-2024-0353

HIGH

ESET Endpoint Antivirus < 8.1.2062.0 - Local Privilege Escalation via File Deletion

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-0353. PoCs published by Milad karimi.

AI-analyzed exploit summary This is a writeup demonstrating an unquoted service path vulnerability in ESET NOD32 Antivirus 17.0.16.0. The author shows how the service path for 'ekrn.exe' is unquoted, which could potentially allow local privilege escalation if an attacker can place a malicious executable in a path with spaces.

Description

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.

Exploits (2)

exploitdb WRITEUP
by Milad karimi · textlocalwindows
https://www.exploit-db.com/exploits/51964

This is a writeup demonstrating an unquoted service path vulnerability in ESET NOD32 Antivirus 17.0.16.0. The author shows how the service path for 'ekrn.exe' is unquoted, which could potentially allow local privilege escalation if an attacker can place a malicious executable in a path with spaces.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Theoretical
Target: ESET NOD32 Antivirus 17.0.16.0
Auth required
Prerequisites: Local access to the system · Ability to write to a directory in the unquoted path
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP
by Milad karimi · textlocalwindows
https://www.exploit-db.com/exploits/51351

This is a writeup describing an unquoted service path vulnerability in ESET Service 16.0.26.0. The vulnerability could potentially allow local privilege escalation if an attacker can place a malicious executable in a path that the service attempts to execute.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Theoretical
Target: ESET Service 16.0.26.0
Auth required
Prerequisites: Local access to the system · Ability to write to a directory in the service path
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 7.8
EPSS 0.0008
EPSS Percentile 23.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-269
Status published
Products (11)
eset/endpoint_antivirus < 8.1.2062.0
eset/endpoint_security < 8.1.2062.0
eset/file_security
eset/internet_security < 17.0.10.0
eset/mail_security < 7.3.10018.0
eset/mail_security < 7.3.14006.0
eset/nod32_antivirus < 17.0.10.0
eset/security < 17.0.10.0
eset/security < 7.3.15006.0
eset/server_security < 7.3.12013.0
... and 1 more
Published Feb 15, 2024
Tracked Since Feb 18, 2026