CVE-2014-4973
Published Sep 23, 2014
Last updated 10 years ago
Overview
- Description
- The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:smart_security:5.0.94:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6C5C72A-8668-4B1C-8D1E-0968A8A0AFEE"
},
{
"criteria": "cpe:2.3:a:eset:smart_security:5.0.95:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB520877-84B0-4728-9F98-C186A536C1C1"
},
{
"criteria": "cpe:2.3:a:eset:smart_security:5.2.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56738037-06F6-4FD1-AE46-FA18664256A0"
},
{
"criteria": "cpe:2.3:a:eset:smart_security:5.2.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FFD5AF33-7663-4387-8FF7-48E0C3E1754F"
},
{
"criteria": "cpe:2.3:a:eset:smart_security:6.0.306:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C6C6312-9A9A-4D7C-B853-64983076D27E"
},
{
"criteria": "cpe:2.3:a:eset:smart_security:6.0.308:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F03CE87-5432-484B-9428-4A59D6A34DA2"
},
{
"criteria": "cpe:2.3:a:eset:smart_security:6.0.314:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E374A62-36AB-446D-8C10-F57DDBE2B45F"
},
{
"criteria": "cpe:2.3:a:eset:smart_security:6.0.316:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B472F40-771C-4D80-A005-F203025300BF"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eset:endpoint_security:5.0.2113:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C76A864-D9CC-43C2-88E1-55D0CC696601"
},
{
"criteria": "cpe:2.3:a:eset:endpoint_security:5.0.2122:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B01E66DD-E3B4-413A-A73D-7FEA4C5C1342"
},
{
"criteria": "cpe:2.3:a:eset:endpoint_security:5.0.2126:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CAEC019-865A-49CF-B9B7-7DAF2EAFDFA8"
},
{
"criteria": "cpe:2.3:a:eset:endpoint_security:5.0.2214:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B23B1663-D74C-4B1B-A0BF-F68B327E8F99"
},
{
"criteria": "cpe:2.3:a:eset:endpoint_security:5.0.2225:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "057902A1-D019-43A9-8A3A-D9C14A4200A7"
},
{
"criteria": "cpe:2.3:a:eset:endpoint_security:5.0.2228:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98974D2B-5561-43B2-9EB8-0B5617A2FA88"
}
],
"operator": "OR"
}
]
}
]