CVE-2023-3160 (GCVE-0-2023-3160)
Vulnerability from cvelistv5 – Published: 2023-08-14 09:27 – Updated: 2024-10-09 20:04
VLAI?
Title
Local privilege escalation in security products for Windows
Summary
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.
Severity ?
7.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ESET, spol. s r.o. | ESET NOD32 Antivirus |
Unaffected:
1463
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:48:07.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.eset.com/en/ca8466"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3160",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T20:03:59.300075Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:04:15.607Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET NOD32 Antivirus",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET Internet Security",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET Smart Security Premium",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET Endpoint Antivirus",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET Endpoint Security",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET Server Security for Windows Server (File Security)",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET Mail Security for Microsoft Exchange Server",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET Mail Security for IBM Domino",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
},
{
"defaultStatus": "unaffected",
"modules": [
"HIPS"
],
"product": "ESET Security for Microsoft SharePoint Server",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"status": "unaffected",
"version": "1463"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nThe vulnerability potentially allows an attacker to misuse ESET\u2019s file operations during the module update to delete or move files without having proper permissions."
}
],
"value": "\nThe vulnerability potentially allows an attacker to misuse ESET\u2019s file operations during the module update to delete or move files without having proper permissions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-14T09:27:02.427Z",
"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"shortName": "ESET"
},
"references": [
{
"url": "https://support.eset.com/en/ca8466"
}
],
"source": {
"advisory": "ca8466",
"discovery": "EXTERNAL"
},
"title": "Local privilege escalation in security products for Windows",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
"assignerShortName": "ESET",
"cveId": "CVE-2023-3160",
"datePublished": "2023-08-14T09:27:02.427Z",
"dateReserved": "2023-06-08T08:28:28.513Z",
"dateUpdated": "2024-10-09T20:04:15.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:-:*:*\", \"matchCriteriaId\": \"2B76C798-A8F7-4705-B85A-98CE4C44AC53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81593DEE-54D7-49D5-9AE6-20B7E2B0AF8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2CAD248-1F32-4459-A530-8706E334C67F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*\", \"matchCriteriaId\": \"5043B5B1-38B2-4621-B738-A79E5DF8D98E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*\", \"matchCriteriaId\": \"DE40A56E-EBC0-43C8-85FB-868802B4817F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:nod32:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82540E3B-B426-424F-A6FD-C0AAB596389A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*\", \"matchCriteriaId\": \"D6CCDFB5-D27D-40F5-9BFC-274DA84783E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*\", \"matchCriteriaId\": \"74BC745B-A4C5-4EAE-B985-78FDA3C40516\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*\", \"matchCriteriaId\": \"375F46B4-9FDF-48FB-935A-8BB6FEF5221A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"\\nThe vulnerability potentially allows an attacker to misuse ESET\\u2019s file operations during the module update to delete or move files without having proper permissions.\"}]",
"id": "CVE-2023-3160",
"lastModified": "2024-11-21T08:16:35.520",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security@eset.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2023-08-14T10:15:09.503",
"references": "[{\"url\": \"https://support.eset.com/en/ca8466\", \"source\": \"security@eset.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.eset.com/en/ca8466\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@eset.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security@eset.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-3160\",\"sourceIdentifier\":\"security@eset.com\",\"published\":\"2023-08-14T10:15:09.503\",\"lastModified\":\"2024-11-21T08:16:35.520\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nThe vulnerability potentially allows an attacker to misuse ESET\u2019s file operations during the module update to delete or move files without having proper permissions.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@eset.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@eset.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"2B76C798-A8F7-4705-B85A-98CE4C44AC53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81593DEE-54D7-49D5-9AE6-20B7E2B0AF8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2CAD248-1F32-4459-A530-8706E334C67F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*\",\"matchCriteriaId\":\"5043B5B1-38B2-4621-B738-A79E5DF8D98E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*\",\"matchCriteriaId\":\"DE40A56E-EBC0-43C8-85FB-868802B4817F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:nod32:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82540E3B-B426-424F-A6FD-C0AAB596389A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*\",\"matchCriteriaId\":\"D6CCDFB5-D27D-40F5-9BFC-274DA84783E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*\",\"matchCriteriaId\":\"74BC745B-A4C5-4EAE-B985-78FDA3C40516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"375F46B4-9FDF-48FB-935A-8BB6FEF5221A\"}]}]}],\"references\":[{\"url\":\"https://support.eset.com/en/ca8466\",\"source\":\"security@eset.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.eset.com/en/ca8466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.eset.com/en/ca8466\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T06:48:07.675Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3160\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-09T20:03:59.300075Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-09T20:04:07.571Z\"}}], \"cna\": {\"title\": \"Local privilege escalation in security products for Windows\", \"source\": {\"advisory\": \"ca8466\", \"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET NOD32 Antivirus\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Internet Security\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Smart Security Premium\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Endpoint Antivirus\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Endpoint Security\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Server Security for Windows Server (File Security)\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Mail Security for Microsoft Exchange Server\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Mail Security for IBM Domino\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ESET, spol. s r.o.\", \"modules\": [\"HIPS\"], \"product\": \"ESET Security for Microsoft SharePoint Server\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1463\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://support.eset.com/en/ca8466\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\nThe vulnerability potentially allows an attacker to misuse ESET\\u2019s file operations during the module update to delete or move files without having proper permissions.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nThe vulnerability potentially allows an attacker to misuse ESET\\u2019s file operations during the module update to delete or move files without having proper permissions.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"4a9b9929-2450-4021-b7b9-469a0255b215\", \"shortName\": \"ESET\", \"dateUpdated\": \"2023-08-14T09:27:02.427Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-3160\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-09T20:04:15.607Z\", \"dateReserved\": \"2023-06-08T08:28:28.513Z\", \"assignerOrgId\": \"4a9b9929-2450-4021-b7b9-469a0255b215\", \"datePublished\": \"2023-08-14T09:27:02.427Z\", \"assignerShortName\": \"ESET\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…