Improper Resource Shutdown or Release in Eset products - CVE-2021-37850
Published: October 29, 2021 / Updated: November 8, 2021
Vulnerability identifier: #VU57780
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2021-37850
CWE-ID: CWE-404
Exploitation vector: Local access
Exploit availability:
Public exploit is available
Vendor: Eset
Affected software:
ESET Cyber Security
ESET Cyber Security Pro
ESET Endpoint Antivirus for macOS
ESET Endpoint Security for macOS
ESET Cyber Security
ESET Cyber Security Pro
ESET Endpoint Antivirus for macOS
ESET Endpoint Security for macOS
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper resource shutdown or release. A local user can cause a denial of service condition on the target system.
How to mitigate CVE-2021-37850
Install updates from vendor's website.