Arbitrary File Deletion Vulnerability in ESET Security Products for Windows
CVE-2025-5028

6.8MEDIUM

Key Information:

Vendor: Eset, Spol. S.r.o
Status: Eset Nod32 Antivirus; Eset Internet Security; Eset Smart Security Premium; Eset Security Ultimate
Vendor: CVE Published:; 11 July 2025

🔔 Create Eset, Spol. S.r.o Vulnerability Alert

What is CVE-2025-5028?

ESET security products for Windows have a critical vulnerability in their installation files, enabling attackers to delete arbitrary files without necessary permissions. This flaw can jeopardize system integrity and compromise sensitive data. Users are advised to update their ESET software to the latest versions to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ESET Endpoint Antivirus for Windows 0 <= 12.0.2049.0

ESET Endpoint Antivirus for Windows 0 <= 11.1.2059.0

ESET Endpoint Security for Windows 0 <= 12.0.2049.0

References

https://support.eset.com/en/ca8838-arbitrary-file-deletio...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Jul 11, 2025
Vulnerability Reserved
May 21, 2025

JSON

Eset, Spol. S.r.o