{"containers":{"cna":{"affected":[{"product":"ESET NOD32 Antivirus","vendor":"ESET","versions":[{"lessThanOrEqual":"15.0.18.0","status":"affected","version":"10.0.337.1","versionType":"custom"}]},{"product":"ESET Internet Security","vendor":"ESET","versions":[{"lessThanOrEqual":"15.0.18.0","status":"affected","version":"10.0.337.1","versionType":"custom"}]},{"product":"ESET Smart Security","vendor":"ESET","versions":[{"lessThanOrEqual":"15.0.18.0","status":"affected","version":"10.0.337.1","versionType":"custom"}]},{"product":"ESET Endpoint Antivirus for Windows","vendor":"ESET","versions":[{"lessThanOrEqual":"9.0.2032.4","status":"affected","version":"6.6.2046.0","versionType":"custom"}]},{"product":"ESET Endpoint Security for Windows","vendor":"ESET","versions":[{"lessThanOrEqual":"9.0.2032.4","status":"affected","version":"6.6.2046.0","versionType":"custom"}]},{"product":"ESET Server Security for Microsoft Windows Server","vendor":"ESET","versions":[{"lessThanOrEqual":"8.0.12003.1","status":"affected","version":"8.0.12003.0","versionType":"custom"}]},{"product":"ESET File Security for Microsoft Windows Server","vendor":"ESET","versions":[{"lessThanOrEqual":"7.3.12006.0","status":"affected","version":"7.0.12014.0","versionType":"custom"}]},{"product":"ESET Server Security for Microsoft Azure","vendor":"ESET","versions":[{"lessThanOrEqual":"7.2.12004.1000","status":"affected","version":"7.0.12016.1002","versionType":"custom"}]},{"product":"ESET Security for Microsoft SharePoint Server","vendor":"ESET","versions":[{"lessThanOrEqual":"8.0.15004.0","status":"affected","version":"7.0.15008.0","versionType":"custom"}]},{"product":"ESET Mail Security for IBM Domino","vendor":"ESET","versions":[{"lessThanOrEqual":"8.0.14004.0","status":"affected","version":"7.0.14008.0","versionType":"custom"}]},{"product":"ESET Mail Security for Microsoft Exchange Server","vendor":"ESET","versions":[{"lessThanOrEqual":"8.0.10016.0","status":"affected","version":"7.0.10019","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative"}],"datePublic":"2022-01-31T00:00:00.000Z","descriptions":[{"lang":"en","value":"ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\\SYSTEM."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"description":"Privilege Escalation","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-02-09T05:14:13.000Z","orgId":"4a9b9929-2450-4021-b7b9-469a0255b215","shortName":"ESET"},"references":[{"tags":["x_refsource_MISC"],"url":"https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows"},{"tags":["x_refsource_MISC"],"url":"https://www.zerodayinitiative.com/advisories/ZDI-22-148/"}],"source":{"advisory":"CA8223","discovery":"EXTERNAL"},"title":"LPE in ESET products for Windows","workarounds":[{"lang":"en","value":"The attack surface can also be eliminated by disabling the Enable advanced scanning via AMSI option in ESET products’ Advanced setup.\n\nHowever, ESET strongly recommends performing an upgrade to a fixed product version and only applying this workaround when the upgrade is not possible for an important reason."}],"x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@eset.com","DATE_PUBLIC":"2022-01-31T09:00:00.000Z","ID":"CVE-2021-37852","STATE":"PUBLIC","TITLE":"LPE in ESET products for Windows"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"ESET NOD32 Antivirus","version":{"version_data":[{"version_affected":"<=","version_name":"10.0.337.1","version_value":"15.0.18.0"}]}},{"product_name":"ESET Internet Security","version":{"version_data":[{"version_affected":"<=","version_name":"10.0.337.1","version_value":"15.0.18.0"}]}},{"product_name":"ESET Smart Security","version":{"version_data":[{"version_affected":"<=","version_name":"10.0.337.1","version_value":"15.0.18.0"}]}},{"product_name":"ESET Endpoint Antivirus for Windows","version":{"version_data":[{"version_affected":"<=","version_name":"6.6.2046.0","version_value":"9.0.2032.4"}]}},{"product_name":"ESET Endpoint Security for Windows","version":{"version_data":[{"version_affected":"<=","version_name":"6.6.2046.0","version_value":"9.0.2032.4"}]}},{"product_name":"ESET Server Security for Microsoft Windows Server","version":{"version_data":[{"version_affected":"<=","version_name":"8.0.12003.0","version_value":"8.0.12003.1"}]}},{"product_name":"ESET File Security for Microsoft Windows Server","version":{"version_data":[{"version_affected":"<=","version_name":"7.0.12014.0","version_value":"7.3.12006.0"}]}},{"product_name":"ESET Server Security for Microsoft Azure","version":{"version_data":[{"version_affected":"<=","version_name":"7.0.12016.1002","version_value":"7.2.12004.1000"}]}},{"product_name":"ESET Security for Microsoft SharePoint Server","version":{"version_data":[{"version_affected":"<=","version_name":"7.0.15008.0","version_value":"8.0.15004.0"}]}},{"product_name":"ESET Mail Security for IBM Domino","version":{"version_data":[{"version_affected":"<=","version_name":"7.0.14008.0","version_value":"8.0.14004.0"}]}},{"product_name":"ESET Mail Security for Microsoft Exchange Server","version":{"version_data":[{"version_affected":"<=","version_name":"7.0.10019","version_value":"8.0.10016.0"}]}}]},"vendor_name":"ESET"}]}},"credit":[{"lang":"eng","value":"Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by attacker to escalate privileges in the context of NT AUTHORITY\\SYSTEM."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Privilege Escalation"}]}]},"references":{"reference_data":[{"name":"https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows","refsource":"MISC","url":"https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows"},{"name":"https://www.zerodayinitiative.com/advisories/ZDI-22-148/","refsource":"MISC","url":"https://www.zerodayinitiative.com/advisories/ZDI-22-148/"}]},"source":{"advisory":"CA8223","discovery":"EXTERNAL"},"work_around":[{"lang":"en","value":"The attack surface can also be eliminated by disabling the Enable advanced scanning via AMSI option in ESET products’ Advanced setup.\n\nHowever, ESET strongly recommends performing an upgrade to a fixed product version and only applying this workaround when the upgrade is not possible for an important reason."}]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T01:30:09.085Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://support.eset.com/en/ca8223-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.zerodayinitiative.com/advisories/ZDI-22-148/"}]}]},"cveMetadata":{"assignerOrgId":"4a9b9929-2450-4021-b7b9-469a0255b215","assignerShortName":"ESET","cveId":"CVE-2021-37852","datePublished":"2022-02-09T05:14:13.627Z","dateReserved":"2021-08-02T00:00:00.000Z","dateUpdated":"2024-09-16T23:02:00.516Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}