According to the report, submitted by the Zero Day Initiative (ZDI), an attacker who is able to get SeImpersonatePrivilege can misuse the AMSI scanning feature to elevate to NT AUTHORITY\SYSTEM in some cases. On November 18, 2021, ESET became aware of a potential vulnerability of local privilege escalation in its products for Windows.
ESET mitigated the issue and recommends using the most recently released product versions, as detailed below. It potentially allows an attacker to misuse the AMSI scanning feature in specific cases. cpe:2.3:a:eset:nod32:10.0.337.A report of a potential local privilege escalation vulnerability was submitted to ESET by the Zero Day Initiative (ZDI).4ĮSET Server Security for Microsoft Windows Server: 3.0 - 3.1ĮSET File Security for Microsoft Windows Server: 4.0 - 6.0ĮSET Security for Microsoft SharePoint Server: 8.0 - 4.0ĮSET Mail Security for IBM Domino: 8.0 - 4.0ĮSET Mail Security for Microsoft Exchange Server: 9 - 6.0 The vulnerability exists due to application does not properly impose security restrictions within the use of named pipes, which leads to security restrictions bypass and privilege escalation.
The vulnerability allows a local user to escalate privileges on the system.
Server solutions for antivurus protectionĮSET File Security for Microsoft Windows ServerĮSET Security for Microsoft SharePoint ServerĮSET Mail Security for Microsoft Exchange Serverġ) Permissions, Privileges, and Access ControlsĬWE-ID: CWE-264 - Permissions, Privileges, and Access Controls ESET Server Security for Microsoft Windows Server
0 kommentar(er)
