Registry Tampering Vulnerability in ESET Security Products
CVE-2025-4952

6.8MEDIUM

Key Information:

Vendor: Eset
Status: Eset Nod32 Antivirus; Eset Internet Security; Eset Smart Security Premium; Eset Security Ultimate
Vendor: CVE Published:; 31 October 2025

What is CVE-2025-4952?

A security vulnerability has been identified in ESET security products that allows for unauthorized modification of registry entries. This tampering can hinder the proper startup of the products during system boot, potentially impacting user experience and security configurations. Affected users may experience issues with product functionality, leading to unauthorized changes in security settings.

Affected Version(s)

ESET Endpoint Antivirus 1496

ESET Endpoint Security for Windows 1496

ESET File Security for Microsoft Azure 1496

References

https://support.eset.com/en/ca8853-eset-customer-advisory...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 31, 2025
Vulnerability Reserved
May 19, 2025

JSON

Eset

What is CVE-2025-4952?

Affected Version(s)

References

CVSS V4

Timeline