Archive Bypass Vulnerability in ESET Protection Products
CVE-2020-9264

5.5MEDIUM

Key Information:

Vendor

Eset

Status
Nod32 Antivirus
Internet Security
Smart Security
Mobile Security
Vendor
CVE Published:
18 February 2020

What is CVE-2020-9264?

The ESET Archive Support Module, prior to version 1296, is vulnerable to a virus detection bypass. Attackers can exploit this vulnerability by crafting a Compression Information Field within a ZIP archive, which can lead to undetected malware across ESET's line of security products. This impacts users of Smart Security Premium, Internet Security, NOD32 Antivirus, and other various platforms like macOS and Android, putting their systems at risk of compromise.

References

https://support.eset.com/en/ca7387-modules-review-decembe...
x_refsource_MISC
https://blog.zoller.lu/p/tzo-11-2020-eset-generic-malform...
x_refsource_MISC
http://seclists.org/fulldisclosure/2020/Feb/21
mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2020-9264 : Archive Bypass Vulnerability in ESET Protection Products