Home Tools Exploits & CVE's ESET NOD32 Antivirus 17.2.7.0 Unquoted Service Path

ESET NOD32 Antivirus 17.2.7.0 Unquoted Service Path

July 15, 2024

17850

ESET NOD32 Antivirus version 17.2.7.0 suffers from an unquoted service path vulnerability.

# Exploit Title: ESET NOD32 Antivirus 17.2.7.0 - Unquoted Service Path
# Exploit Author: Milad Karimi (Ex3ptionaL)
# Exploit Date: 2024-07-09
# Contact: [email protected]
# Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL
# Vendor : https://www.eset.com
# Version : 17.2.7.0
# Tested on OS: Microsoft Windows 10 pro x64


C:UsersCi3c0>sc qc ekrn
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: ekrn
        TYPE               : 20  WIN32_SHARE_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : "C:Program FilesESETESET Securityekrn.exe"
        LOAD_ORDER_GROUP   : Base
        TAG                : 0
        DISPLAY_NAME       : ESET Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

ESET NOD32 Antivirus 17.2.7.0 Unquoted Service Path

Follow us on Instagram @thecyberpost

EDITOR PICKS

From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing...

ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading

Initial Access Brokers Shift Tactics, Selling More for Less

POPULAR POSTS

Oracle Database Password Hash Unauthorized Access

ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path

Authorities Claim LockBit Admin “LockBitSupp” Has Engaged with Law Enforcement

POPULAR CATEGORY

WordPress WP Super Edit 2.5.4 Arbitrary File Upload

Super Store Finder 3.7 Remote Command Execution

BSCW Server Remote Code Execution