Ilias Dimopoulos

**Name of the Vulnerable Software and Affected Versions** Splunk Enterprise versions prior to 8.1.1 **Description** A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user. This issue affects Splunk Enterprise on Windows. **Recommendations** For versions prior to 8.1.1, update to version 8.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the node default path to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Microsoft Visual Studio (affected versions not specified) **Description** The issue is related to insufficient access restrictions in Microsoft Visual Studio, allowing an attacker to bypass security restrictions and elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: ESET NOD32 Antivirus versions 13.2 and lower ESET Internet Security versions 13.2 and lower ESET Smart Security versions 13.2 and lower ESET Smart Security Premium versions 13.2 and lower ESET Endpoint Antivirus versions 7.3 and lower ESET Endpoint Security versions 7.3 and lower ESET NOD32 Antivirus Business Edition versions 7.3 and lower ESET Smart Security Business Edition versions 7.3 and lower ESET File Security for Microsoft Windows Server versions 7.2 and lower ESET Mail Security for Microsoft Exchange Server versions 7.2 and lower ESET Mail Security for IBM Domino versions 7.2 and lower ESET Security for Kerio versions 7.2 and lower ESET Security for Microsoft SharePoint Server versions 7.2 and lower Description: A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this issue is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Recommendations: For ESET NOD32 Antivirus versions 13.2 and lower, update to a version higher than 13.2. For ESET Internet Security versions 13.2 and lower, update to a version higher than 13.2. For ESET Smart Security versions 13.2 and lower, update to a version higher than 13.2. For ESET Smart Security Premium versions 13.2 and lower, update to a version higher than 13.2. For ESET Endpoint Antivirus versions 7.3 and lower, update to a version higher than 7.3. For ESET Endpoint Security versions 7.3 and lower, update to a version higher than 7.3. For ESET NOD32 Antivirus Business Edition versions 7.3 and lower, update to a version higher than 7.3. For ESET Smart Security Business Edition versions 7.3 and lower, update to a version higher than 7.3. For ESET File Security for Microsoft Windows Server versions 7.2 and lower, update to a version higher than 7.2. For ESET Mail Security for Microsoft Exchange Server versions 7.2 and lower, update to a version higher than 7.2. For ESET Mail Security for IBM Domino versions 7.2 and lower, update to a version higher than 7.2. For ESET Security for Kerio versions 7.2 and lower, update to a version higher than 7.2. For ESET Security for Microsoft SharePoint Server versions 7.2 and lower, update to a version higher than 7.2. As a temporary workaround, consider enabling Self-Defense to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar versions 7.2.0 through 7.2.9 **Description** The issue allows an authenticated user to disable the Wincollect service, which could aid an attacker in bypassing security mechanisms in future attacks. **Recommendations** For IBM QRadar versions 7.2.0 through 7.2.9, consider restricting access to the Wincollect service to prevent its disablement until a fix is available.

**Name of the Vulnerable Software and Affected Versions** IBM QRadar versions 7.2.0 through 7.2.9 **Description** The issue allows an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. **Recommendations** For IBM QRadar versions 7.2.0 through 7.2.9, update to a version that fixes the flaw to prevent authenticated users from overwriting or deleting arbitrary files.

**Name of the Vulnerable Software and Affected Versions** Bitdefender Antivirus Free versions prior to 1.0.17.178 **Description** A vulnerability in the improper handling of symbolic links can allow an unprivileged user to substitute a quarantined file and restore it to a privileged location. **Recommendations** For versions prior to 1.0.17.178, update to version 1.0.17.178 or later to resolve the issue. As a temporary workaround, consider restricting access to quarantined files to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** Popup Maker plugin versions prior to 1.8.13 **Description** An issue allows an unauthenticated attacker to partially control the arguments of the `do action` function, invoking certain `popmake ` or `pum ` methods. This can be used to control content and delivery of the support debug text file, `popmake-system-info.txt`. **Recommendations** For versions prior to 1.8.13, update to version 1.8.13 or later to resolve the issue.