Privilege Escalation Vulnerability in ESET Smart Security and Endpoint Security
CVE-2014-4973

Currently unrated

Key Information:

Vendor: Eset
Status: Smart Security
Vendor: CVE Published:; 23 September 2014

What is CVE-2014-4973?

The ESET Personal Firewall NDIS filter driver presents a vulnerability that allows local users to escalate their privileges by sending specially crafted arguments to a specific IOCTL call. This flaw affects multiple versions of ESET Smart Security and ESET Endpoint Security, potentially allowing unauthorized access to sensitive system functionalities.

References

https://www.portcullis-security.com/security-research-and...

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Aug/52

mailing-listx_refsource_FULLDISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 23, 2014
Vulnerability Reserved
Jul 15, 2014

JSON

Eset

What is CVE-2014-4973?

References

Timeline