CVE-2023-7043
LOWDescription
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| eset | endpoint_antivirus |
| eset | endpoint_security |
| eset | internet_security |
| eset | mail_security |
| eset | nod32_antivirus |
| eset | smart_security_premium |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2023-7043? +
How severe is CVE-2023-7043? +
What products are affected by CVE-2023-7043? +
How do I check if I'm vulnerable to CVE-2023-7043? +
Related Vulnerabilities
An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted …
The RupsMon and USBMate services in UPSilon 2000 run with SYSTEM privileges and contain unquoted service paths. This allows a …
The Windows service configuration of ABP and AES contains an unquoted ImagePath registry value vulnerability. This allows a local attacker …
The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows an attacker with Admin privileges …
The CMService.exe service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker with write …
Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any of its services, enabling remote code execution during …