CVE-2025-13176

Name of the Vulnerable Software and Affected Versions ESET Inspect Connector versions prior to 3.0.5765

Description The ESET Inspect Connector is susceptible to a local privilege escalation. Planting a custom configuration file allows the loading of a malicious DLL. The ElConnector.exe process, running with SYSTEM privileges, attempts to load an OpenSSL configuration file from a user-writable path. A low-privileged user can create this file, leading to the execution of arbitrary code with elevated privileges.

Recommendations Update ESET Inspect Connector to version 3.0.5765 or later.