ESET NOD32 Antivirus
Moderate fix1 remedy
cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:windows:*:*
Moderate fix1 remedy
- <= 18.1.13.0
ESET Products TOCTOU Race Condition Vulnerability Allowing Arbitrary File Content Deletion
Vulnerability
Patched
A time-of-check to time-of-use race condition vulnerability has been identified in multiple ESET security products for Windows. This vulnerability could potentially allow an attacker to use the ESET software to delete the contents of an arbitrary file on the file system. The issue arises from the way the NTFS file system handles file names, enabling the swapping of file handles just before a file is cleared, thereby exploiting the vulnerability.
Impact
Exploitation of this vulnerability could lead to unintended data loss by allowing the deletion of file contents on the affected system.
Remediation
ESET has released fixed builds for all affected products. Users are advised to upgrade to the latest version. The updated versions are available on the ESET website or through the ESET Repository.
Added: Jul 18, 2025, 10:27 AM
Updated: Jul 18, 2025, 10:27 AM
Vulnerability Rating
Custom Algorithm
spread
7.8impact
4.2exploitability
2.4remediation
7.7relevance
0.3threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.