CVE-2025-4952

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.

CVSS

No CVSS.

References

Link	Resource
https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed

Configurations

No configuration.

History

31 Oct 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-10-31 13:15

Updated : 2025-10-31 13:15

NVD link : CVE-2025-4952

Mitre link : CVE-2025-4952

CVE.ORG link : CVE-2025-4952

JSON object : View

Products Affected

No product.

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource

{"id": "CVE-2025-4952", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security@eset.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-10-31T13:15:34.173", "references": [{"url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed", "source": "security@eset.com"}], "vulnStatus": "Received", "weaknesses": [{"type": "Secondary", "source": "security@eset.com", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration."}], "lastModified": "2025-10-31T13:15:34.173", "sourceIdentifier": "security@eset.com"}

CVE-2025-4952

JSON object

Attach tags to CVE-2025-4952

Attach tags to `CVE-2025-4952`