CVE-2025-4952

EPSS 0.02%
Veröffentlicht 31.10.2025 12:28:15
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle security@eset.com
CVE-Watchlists
Login
Unerledigt
Login

Denial-of-service vulnerability in ESET security products for Windows

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 13 VulnDex Vulnerability Enrichment 4

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerESET

≫

Produkt ESET NOD32 Antivirus

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Internet Security

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Smart Security Premium

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Security Ultimate

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Small Business Security

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Safe Server

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Endpoint Antivirus

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Endpoint Security for Windows

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Server Security for Windows Server

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Mail Security for Microsoft Exchange Server

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Mail Security for IBM Domino

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET Security for Microsoft SharePoint Server

Default Statusunaffected

Version 1496

Status unaffected

HerstellerESET

≫

Produkt ESET File Security for Microsoft Azure

Default Statusunaffected

Version 1496

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.043

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@eset.com	6.8	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed

https://nvd.nist.gov/vuln/detail/CVE-2025-4952

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-4952

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-4952

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-4952