CVE-2018-0649
Last modified
CVE-2018-0649 is a vulnerability of currently unknown severity. Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones)) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.. EPSS estimates a 1.13% chance of exploitation in the next 30 days.
Description
Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones)) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Eset | Compusec | All versions |
| Eset | Deslock\+ Pro | All versions |
| Eset | Internet Security | All versions |
| Eset | Nod32 Antivirus | All versions |
| Eset | Smart Security | All versions |
| Eset | Smart Security Premium | All versions |
References
- http://jvn.jp/en/jp/JVN41452671/index.htmlThird Party Advisory, VDB Entry
- https://eset-support.canon-its.jp/faq/show/10720?site_domain=defaultMitigation, Vendor Advisory
- http://jvn.jp/en/jp/JVN41452671/index.htmlThird Party Advisory, VDB Entry
- https://eset-support.canon-its.jp/faq/show/10720?site_domain=defaultMitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-0649?
How severe is CVE-2018-0649?
How do I fix CVE-2018-0649?
Are you affected by CVE-2018-0649?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST