New Update DLL Search Order Hijacking Vulnerability in ESET products for Windows fixed

Gandalf_The_Grey

Gandalf_The_Grey

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,790
Summary

A report of a DLL search order hijacking vulnerability was submitted to ESET by Andrei Gunkin from Kaspersky. The vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code. ESET mitigated this by preparing fixed versions of its security products.
Click to expand...
Details

On systems with an affected ESET product installed, an attacker could plant a malicious dynamic-link library to a specific folder and execute its content by running ESET Command Line Scanner, which would load the planted library instead of the intended system library.

This technique did not elevate the privileges, though—the attacker would have already needed to have administrator privileges to perform this attack.

The reserved CVE ID for this vulnerability is CVE-2024-11859, the CVSS v4.0 score is 6.8.
Click to expand...
Solution

ESET prepared fixed builds of its consumer, business and server security products for the Windows operating system and recommends upgrading to these or scheduling the upgrades in the near future. The fixed builds are available in the Download section of www.eset.com or via ESET Repository.
  • ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Security Ultimate 18.1.10.0 and later
  • ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows 12.0.2045.0, 11.1.2059.0 and later from the respective version family
  • ESET Small Business Security and ESET Safe Server 18.1.10.0 and later
  • ESET Server Security for Windows Server (formerly File Security for Microsoft Windows Server) 11.1.12009.0 and later
  • ESET Mail Security for Microsoft Exchange Server 11.1.10011.0, 11.0.10010.0, 10.1.10017.0 and later from the respective version family
  • ESET Security for Microsoft SharePoint Server 11.1.15003.0, 11.0.15007.0, 10.0.15008.0 and later from the respective version family
Click to expand...

[CA8810] DLL Search Order Hijacking Vulnerability in ESET products for Windows fixed

support.eset.com support.eset.com
 
  • Like
  • Wow
  • +Reputation
Reactions: Sunqfu, piquiteco, anirbandutta01 and 10 others
anirbandutta01

anirbandutta01

Level 11
Well-known
Jun 18, 2022
506
  • Like
Reactions: cofer123, simmerskool, piquiteco and 1 other person

Similar threads

CyberPanther
    • Like
New Update ESET patches High-Severity Privilege Escalation Vulnerability
Replies
0
Views
2,137
ESET
CyberPanther
CyberPanther
K
    • Like
    • +Reputation
Security News Microsoft Confirms Critical Windows Defender Security Vulnerability
Replies
3
Views
882
Security News
TairikuOkami
TairikuOkami
Gandalf_The_Grey
    • Like
Security News Broadcom warns of authentication bypass in VMware Windows Tools
Replies
0
Views
672
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top