{"containers":{"cna":{"affected":[{"product":"ESET Endpoint Encryption","vendor":"ESET, spol. s r.o.","versions":[{"lessThan":"5.1.2.26","status":"affected","version":"5.1.1.14","versionType":"custom"}]},{"product":"ESET Full Disk Encryption","vendor":"ESET, spol. s r.o.","versions":[{"lessThan":"1.3.2.32","status":"affected","version":"1.3.1.25","versionType":"custom"}]}],"datePublic":"2022-07-27T00:00:00.000Z","descriptions":[{"lang":"en","value":"The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-121","description":"CWE-121 Stack-based Buffer Overflow","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-09-06T17:18:51.000Z","orgId":"4a9b9929-2450-4021-b7b9-469a0255b215","shortName":"ESET"},"references":[{"tags":["x_refsource_MISC"],"url":"https://support.eset.com/en/ca8298-vulnerability-fixed-in-eset-endpoint-encryption-and-eset-full-disk-encryption-for-windows"}],"source":{"advisory":"ca8298","discovery":"EXTERNAL"},"title":"Stack Overflow in ESET Endpoint Encryption and ESET Full Disk Encryption for Windows","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@eset.com","DATE_PUBLIC":"2022-07-27T14:00:00.000Z","ID":"CVE-2022-2402","STATE":"PUBLIC","TITLE":"Stack Overflow in ESET Endpoint Encryption and ESET Full Disk Encryption for Windows"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"ESET Endpoint Encryption","version":{"version_data":[{"version_affected":"<","version_name":"5.1.1.14","version_value":"5.1.2.26"}]}},{"product_name":"ESET Full Disk Encryption","version":{"version_data":[{"version_affected":"<","version_name":"1.3.1.25","version_value":"1.3.2.32"}]}}]},"vendor_name":"ESET, spol. s r.o."}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-121 Stack-based Buffer Overflow"}]}]},"references":{"reference_data":[{"name":"https://support.eset.com/en/ca8298-vulnerability-fixed-in-eset-endpoint-encryption-and-eset-full-disk-encryption-for-windows","refsource":"MISC","url":"https://support.eset.com/en/ca8298-vulnerability-fixed-in-eset-endpoint-encryption-and-eset-full-disk-encryption-for-windows"}]},"source":{"advisory":"ca8298","discovery":"EXTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T00:39:07.488Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://support.eset.com/en/ca8298-vulnerability-fixed-in-eset-endpoint-encryption-and-eset-full-disk-encryption-for-windows"}]}]},"cveMetadata":{"assignerOrgId":"4a9b9929-2450-4021-b7b9-469a0255b215","assignerShortName":"ESET","cveId":"CVE-2022-2402","datePublished":"2022-09-06T17:18:51.162Z","dateReserved":"2022-07-14T00:00:00.000Z","dateUpdated":"2024-09-16T23:55:47.949Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}