Vulnerability Management

Fixes Released for ESET Local Privilege Escalation Bugs

Debugging binary code with bug inside magnifying glass

SecurityWeek reports that ESET released updates for a pair of local privilege escalation flaws in its offerings for Windows and macOS.

The more significant of the two is a high-severity issue in file operations management during detected file removals in ESET's Windows antivirus, server security, and internet security products, tracked as CVE-2024-7400, which could be exploited to facilitate arbitrary file deletion and privilege escalation, according to ESET.

"ESET fixed the issue in the Cleaner module 1251, which was distributed automatically to ESET customers along with Detection engine updates. No action stemming from this advisory is required to be taken by ESET customers," said ESET.

Also addressed was a medium-severity ESET Cyber Security and Endpoint Antivirus for macOS vulnerability, tracked as CVE-2024-6654, which could be leveraged to enable a denial-of-service intrusion. ESET emphasized that there has been no evidence suggesting any active exploitation of both vulnerabilities in the wild.

You can skip this ad in 5 seconds