ESET Products for Windows DLL Search Order Hijacking Vulnerability

Vulnerability

A DLL search order hijacking vulnerability has been identified in multiple ESET products for Windows. This vulnerability could allow an attacker with administrator privileges to load a malicious dynamic-link library (DLL) and execute its code. The issue arises when the ESET Command Line Scanner is used, as it may inadvertently load the malicious DLL from a specific folder instead of the intended system library. While this vulnerability does not elevate privileges, it allows execution of arbitrary code within the context of the user running the scanner.
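
The load pattern described above, a system-library name resolving from an application folder rather than the Windows system directory, is what a defender can look for in image-load telemetry. The following is an added example, not code from ESET or from the advisory: it runs a simple check over constructed Sysmon Event ID 7 records. The scanner path, the DLL names and the trusted-directory list are placeholders and assumptions, not values taken from the advisory.

```python
"""Flag DLL loads where a system-library name resolves outside the Windows
system directories.  Added example; all records below are constructed."""
from __future__ import annotations
import ntpath
from dataclasses import dataclass

# Directories from which a system library is expected to be mapped.
# Assumption: a 64-bit Windows install under C:\Windows.
TRUSTED_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")

# Library names expected to resolve only to the system directories.  In a real
# deployment this would come from a known-good inventory; illustrative here.
SYSTEM_DLLS = {"version.dll", "wtsapi32.dll", "cryptbase.dll", "dbghelp.dll"}

@dataclass
class ImageLoad:
    image: str         # process executable that performed the load
    image_loaded: str  # full path of the DLL that was actually mapped

def is_suspicious(ev: ImageLoad) -> bool:
    """True when a system-library name was loaded from an untrusted folder."""
    name = ntpath.basename(ev.image_loaded).lower()
    if name not in SYSTEM_DLLS:
        return False
    loaded_dir = ntpath.dirname(ev.image_loaded).lower().rstrip("\\")
    return loaded_dir not in TRUSTED_DIRS

def parse_sysmon_line(line: str) -> ImageLoad:
    """Parse one constructed, pipe-delimited Sysmon Event ID 7 record."""
    fields = dict(kv.split("=", 1) for kv in line.strip().split("|"))
    return ImageLoad(fields["Image"], fields["ImageLoaded"])

# Constructed sample: 'scanner.exe' stands in for a command line scanner;
# the second record shows the hijack pattern (system DLL name, app folder).
SAMPLE_LOG = """\
EventID=7|Image=C:\\Program Files\\ESET\\scanner.exe|ImageLoaded=C:\\Windows\\System32\\version.dll
EventID=7|Image=C:\\Program Files\\ESET\\scanner.exe|ImageLoaded=C:\\Program Files\\ESET\\version.dll
EventID=7|Image=C:\\Program Files\\ESET\\scanner.exe|ImageLoaded=C:\\Program Files\\ESET\\scanner_core.dll
"""

def find_hijack_candidates(log: str) -> list[str]:
    """Return the loaded-image paths that match the hijack pattern."""
    events = (parse_sysmon_line(l) for l in log.splitlines() if l.strip())
    return [ev.image_loaded for ev in events if is_suspicious(ev)]

if __name__ == "__main__":
    for path in find_hijack_candidates(SAMPLE_LOG):
        print("system-library name loaded outside system directory:", path)
```

Application-private DLLs (the third record) are not flagged, since only names on the system-library list are compared against the trusted directories.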

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code by loading a malicious DLL, potentially allowing an attacker to execute harmful actions or commands on the affected system.

Remediation

ESET has released fixed versions of its consumer, business, and server security products for Windows. Users are advised to upgrade to these versions or schedule the upgrades in the near future. The fixed builds are available in the Download section of the ESET website or via the ESET Repository.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating (custom algorithm)

spread:         7.8
impact:        10.0
exploitability: 2.8
remediation:    7.7
relevance:      0.0
threat:         0.0
urgency:        2.9
incentive:      1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.