CVE-2021-37851

Name of the Vulnerable Software and Affected Versions ESET NOD32 Antivirus versions 11.2 through 15.1.11.0 ESET Internet Security versions 11.2 through 15.1.11.0 ESET Smart Security Premium versions 11.2 through 15.1.11.0 ESET Endpoint Antivirus versions 6.0 through 9.0.2045.0 ESET Endpoint Security versions 6.0 through 9.0.2045.0 ESET Server Security for Microsoft Windows Server versions 8.0 through 9.0.12011.0 ESET File Security for Microsoft Windows Server version 8.0.12012.0 ESET Mail Security for Microsoft Exchange Server versions 6.0 through 8.0.10019.0 ESET Mail Security for IBM Domino versions 6.0 through 8.0.14010.0 ESET Security for Microsoft SharePoint Server versions 6.0 through 8.0.15008.0

Description The issue is related to the repair feature of the installer in ESET products, allowing a user logged into the system to exploit it and run malicious code with higher privileges. This is due to incorrect handling of insufficient permissions or privileges. The exploitation of this issue may allow an attacker to execute arbitrary code.

Recommendations For ESET NOD32 Antivirus versions 11.2 through 15.1.11.0, update to version 15.1.12.0 or later. For ESET Internet Security versions 11.2 through 15.1.11.0, update to version 15.1.12.0 or later. For ESET Smart Security Premium versions 11.2 through 15.1.11.0, update to version 15.1.12.0 or later. For ESET Endpoint Antivirus versions 6.0 through 9.0.2045.0, update to version 9.0.2046.0 or later. For ESET Endpoint Security versions 6.0 through 9.0.2045.0, update to version 9.0.2046.0 or later. For ESET Server Security for Microsoft Windows Server versions 8.0 through 9.0.12011.0, update to version 9.0.12012.0 or later. For ESET File Security for Microsoft Windows Server version 8.0.12012.0, update to a newer version. For ESET Mail Security for Microsoft Exchange Server versions 6.0 through 8.0.10019.0, update to version 8.0.10020.0 or later. For ESET Mail Security for IBM Domino versions 6.0 through 8.0.14010.0, update to version 8.0.14011.0 or later. For ESET Security for Microsoft SharePoint Server versions 6.0 through 8.0.15008.0, update to version 8.0.15009.0 or later.