The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HEset Cyber Security
APPEset< 1294Eset Mobile Security
APPEset< 1294Eset Nod32 Antivirus
APPEset4< 1294Eset Smart Security
APPEset< 1294Eset Smart Tv Security
APPEset< 1294
Related vulnerabilities
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to d...
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermedia...
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to...
During internal security analysis, a local privilege escalation vulnerability has been identified. On a machi...
Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit re...