Eset · Eset Antivirus/Antispyware Module · CVE-2020-11446
**Name of the Vulnerable Software and Affected Versions**
ESET Antivirus and Antispyware Module versions 1553 through 1560
**Description**
The issue allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus achieving privilege escalation.
**Recommendations**
For ESET Antivirus and Antispyware Module versions 1553 through 1560, consider restricting access to the affected directories to prevent users with limited access rights from creating hard links, until a patch is available.