CVE-2024-6654

Products for macOS enables a user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system slow-down.

CVSS

No CVSS.

References

Link	Resource
https://support.eset.com/en/ca8725-denial-of-service-vulnerability-in-eset-products-for-macos-fixed

Configurations

No configuration.

History

09 Oct 2024, 09:15

Type	Values Removed	Values Added
References	~~{'url': 'https://support.eset.com/en/ca8725-local-privilege-escalation-vulnerability-in-eset-products-for-macos-fixed', 'source': 'security@eset.com'}~~	() https://support.eset.com/en/ca8725-denial-of-service-vulnerability-in-eset-products-for-macos-fixed -

27 Sep 2024, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-27 09:15

Updated : 2024-10-09 09:15

NVD link : CVE-2024-6654

Mitre link : CVE-2024-6654

CVE.ORG link : CVE-2024-6654

JSON object : View

Products Affected

No product.

CWE

CWE-377

Insecure Temporary File

{"id": "CVE-2024-6654", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security@eset.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 6.8, "automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "NONE", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-09-27T09:15:03.937", "references": [{"url": "https://support.eset.com/en/ca8725-denial-of-service-vulnerability-in-eset-products-for-macos-fixed", "source": "security@eset.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@eset.com", "description": [{"lang": "en", "value": "CWE-377"}]}], "descriptions": [{"lang": "en", "value": "Products for macOS enables a\u00a0user logged on to the system to perform a denial-of-service attack, which could be misused to disable the protection of the ESET security product and cause general system slow-down."}, {"lang": "es", "value": "Los productos para macOS permiten que un usuario conectado al sistema realice un ataque de denegaci\u00f3n de servicio, que podr\u00eda usarse indebidamente para deshabilitar la protecci\u00f3n del producto de seguridad de ESET y provocar una ralentizaci\u00f3n general del sistema."}], "lastModified": "2024-10-09T09:15:06.713", "sourceIdentifier": "security@eset.com"}