Lucene search
ESETCVE-2022-2402HistorySep 06, 2022 - 6:15 p.m.
CVE-2022-2402
2022-09-0618:15:13
CWE-787
CWE-121
ESET
web.nvd.nist.gov
220
3
cve-2022-2402
vulnerability
driver
dlpfde.sys
kernel stack overflow
system crash
bsod
nvd
CVSS3
6.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
AI Score
6.2
Confidence
High
EPSS
0.001
Percentile
26.0%
The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD.
Affected configurations
Node
esetendpoint_encryptionRange<5.1.2.26
OResetfull_disk_encryptionRange<1.3.2.32
| Vendor | Product | Version | CPE |
|---|---|---|---|
| eset | endpoint_encryption | * | cpe:2.3:a:eset:endpoint_encryption:*:*:*:*:*:*:*:* |
| eset | full_disk_encryption | * | cpe:2.3:a:eset:full_disk_encryption:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "ESET Endpoint Encryption",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"lessThan": "5.1.2.26",
"status": "affected",
"version": "5.1.1.14",
"versionType": "custom"
}
]
},
{
"product": "ESET Full Disk Encryption",
"vendor": "ESET, spol. s r.o.",
"versions": [
{
"lessThan": "1.3.2.32",
"status": "affected",
"version": "1.3.1.25",
"versionType": "custom"
}
]
}
]Social References
More
Related
cvelist
cvelist
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Eset Full Disk Encryption
2022-10-21 19:10:44
nvd
nvd
CVE-2022-2402
2022-09-06 18:15:13
prion
prion
Stack overflow
2022-09-06 18:15:00
CVSS3
6.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
AI Score
6.2
Confidence
High
EPSS
0.001
Percentile
26.0%
Related for CVE-2022-2402