CVE-2023-2847: Local privilege escalation vulnerability in ESET products
In the continuously evolving cybersecurity landscape, even the security mavens themselves are not immune to the potential threats. ESET, one of the global leaders in cybersecurity solutions, recently discovered a high-severity vulnerability in its Linux and macOS products. The security flaw, identified as CVE-2023-2847, is a local privilege escalation vulnerability with a CVSS v3.1 score of 7.8, underlining its high-risk potential. This potential exploit could have granted cyber miscreants unwarranted access and control, putting sensitive data at peril.
The vulnerability was internally detected by ESET during routine security checks, reinforcing the importance of such regular procedures in maintaining the safety and integrity of software systems. Intriguingly, the vulnerability could have allowed a user with lower privileges to trigger actions with root-level, or highest-level, privileges on a machine with the affected ESET product installed. This vulnerability potentially exposed systems to malicious misuse, with threats ranging from unauthorized data access to the hijacking of system resources.
Among the products impacted were ESET Server Security for Linux versions 9.1.96.0, 9.0.464.0, 8.1.820.0, and earlier, ESET Endpoint Antivirus for Linux versions 9.1.4.0, 9.0.5.0, 8.1.7.0 and earlier, ESET Cyber Security from version 7.3 to 7.3.2100.0, and ESET Endpoint Antivirus for macOS from version 7.0 to 7.2.1600.0.
Given the nature of the flaw, the exposure was not just limited to personal devices but also extended to enterprise systems. However, the silver lining is that there have been no recorded exploits taking advantage of the CVE-2023-2847 vulnerability in the wild. As a testament to its commitment to security, ESET has already prepared and released new builds of its products, eliminating this vulnerability.
The unaffected, and thus safe to use, versions of ESET products include ESET Server Security for Linux versions 9.1.98.0, 9.0.466.0, 8.1.823.0 and later, ESET Endpoint Antivirus for Linux versions 9.1.11.0, 9.0.10.0 and 8.1.12.0 and later, ESET Cyber Security 7.3.3700.0 and later, and ESET Endpoint Antivirus for macOS 7.3.3600.0 and later.
In light of this discovery, users of the affected ESET products are strongly advised to update their software to the latest version to secure their systems against potential misuse.
This incident is a stark reminder that no system is immune to potential security threats. Even cybersecurity giants like ESET are not impervious to vulnerabilities.
