CVE-2020-11446 - OpenCVE

ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus achieving privilege escalation.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Eset	Mail Security Endpoint Antivirus File Security Smart Security Nod32 Antivirus Antivirus And Antispyware Internet Security Endpoint Security

Configuration 1 [-]

OR	cpe:2.3:a:eset:antivirus_and_antispyware::::::::
	cpe:2.3:a:eset:endpoint_antivirus:-:::::-::
	cpe:2.3:a:eset:endpoint_security:-:::::::*
	cpe:2.3:a:eset:file_security:-:::::windows_server::
	cpe:2.3:a:eset:internet_security:-:::::::*
	cpe:2.3:a:eset:mail_security:-:::::domino::
	cpe:2.3:a:eset:mail_security:-:::::exchange_server::
	cpe:2.3:a:eset:mail_security:-:::::kerio::
	cpe:2.3:a:eset:mail_security:-:::::sharepoint_server::
	cpe:2.3:a:eset:nod32_antivirus:-:::::::*
	cpe:2.3:a:eset:nod32_antivirus:-::::business:::
	cpe:2.3:a:eset:smart_security:-::::-:::
	cpe:2.3:a:eset:smart_security:-::::business:::
	cpe:2.3:a:eset:smart_security:-::::premium:::

References

Link	Resource
https://support.eset.com/en/ca7489-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-04-29T13:15:49

Updated: 2020-04-29T13:15:49

Reserved: 2020-04-01T00:00:00

Link: CVE-2020-11446

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-04-29T14:15:17.607

Modified: 2021-07-21T11:39:23.747

Link: CVE-2020-11446

JSON object: View

Redhat Information

No data.

CWE

CWE-59

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-04-27T00:00:00", "descriptions": [{"lang": "en", "value": "ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus achieving privilege escalation."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-29T13:15:49", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.eset.com/en/ca7489-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-11446", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus achieving privilege escalation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://support.eset.com/en/ca7489-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows", "refsource": "CONFIRM", "url": "https://support.eset.com/en/ca7489-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-11446", "datePublished": "2020-04-29T13:15:49", "dateReserved": "2020-04-01T00:00:00", "dateUpdated": "2020-04-29T13:15:49", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eset:antivirus_and_antispyware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBC3B9B3-1446-4630-88FE-65D41B1D077D", "versionEndIncluding": "1560", "versionStartIncluding": "1553", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:-:*:*", "matchCriteriaId": "2B76C798-A8F7-4705-B85A-98CE4C44AC53", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:*:*:*", "matchCriteriaId": "81593DEE-54D7-49D5-9AE6-20B7E2B0AF8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:file_security:-:*:*:*:*:windows_server:*:*", "matchCriteriaId": "EDA61743-424D-40C9-ADD5-25AF8786BB0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2CAD248-1F32-4459-A530-8706E334C67F", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*", "matchCriteriaId": "5043B5B1-38B2-4621-B738-A79E5DF8D98E", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*", "matchCriteriaId": "DE40A56E-EBC0-43C8-85FB-868802B4817F", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:mail_security:-:*:*:*:*:kerio:*:*", "matchCriteriaId": "B322B8F3-DD12-4177-9DDF-BCFCD39DB12A", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:mail_security:-:*:*:*:*:sharepoint_server:*:*", "matchCriteriaId": "EB4668BB-DE5D-443B-9A76-353688EE919B", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:nod32_antivirus:-:*:*:*:*:*:*:*", "matchCriteriaId": "6253FAFB-0AE6-494A-950D-EB0EB15E982C", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:nod32_antivirus:-:*:*:*:business:*:*:*", "matchCriteriaId": "12E15271-D518-48E1-AE47-3080A748E131", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:smart_security:-:*:*:*:-:*:*:*", "matchCriteriaId": "CE29DD0C-648B-4B6F-B080-B350E8210B4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:smart_security:-:*:*:*:business:*:*:*", "matchCriteriaId": "38FD5027-F4B6-4398-B93A-DDF0FFC74386", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*", "matchCriteriaId": "375F46B4-9FDF-48FB-935A-8BB6FEF5221A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus achieving privilege escalation."}, {"lang": "es", "value": "Los m\u00f3dulos 1553 hasta 1560 de ESET Antivirus y Antispyware Module, permite a un usuario con derechos de acceso limitados crear enlaces f\u00edsicos en algunos directorios de ESET y luego forzar al producto a escribir por medio de estos enlaces en archivos que normalmente no podr\u00edan ser escritos por el usuario, logrando as\u00ed una escalada de privilegios."}], "id": "CVE-2020-11446", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-29T14:15:17.607", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://support.eset.com/en/ca7489-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}