ESET, a leading cybersecurity firm, recently addressed a critical local privilege escalation vulnerability in its Windows security products, identified as CVE-2024-2003. This vulnerability, reported by the Zero Day Initiative (ZDI), could have allowed attackers to exploit ESET’s file operations during a restore from quarantine, potentially leading to arbitrary file creation with elevated privileges.
The flaw involved a user with administrative access being able to plant malicious files in specific directories, which ESET’s service might then misuse during file operations. This could result in unauthorized file creation or overwriting, posing a significant security risk. The vulnerability was rated with a CVSS v3.1 score of 7.3, indicating a high severity level.
ESET responded swiftly by releasing a fix through an update to the Antivirus and antispyware scanner module on April 10, 2024, with a full public release following on April 22, 2024. The update was automatically distributed to existing customers, ensuring that all installed products were patched without requiring additional user action.
Despite the seriousness of the vulnerability, ESET reported that no active exploits had been observed in the wild. For new installations, the company recommends using the latest installers from their official site. This quick response underscores ESET’s commitment to maintaining the security and integrity of its products.
Reference:
