Vulnerability in Eset, Spol. S R.o. Eset Endpoint Antivirus For Windows
CVE-2024-11859
DLL Search Order Hijacking vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code.
EPSS: 0.018 (75.8th percentile) — read the EPSS interpretation.
Affected products
- Eset, Spol. S R.o. Eset Endpoint Antivirus For Windows — versions 0
- Eset, Spol. S R.o. Eset Endpoint Security For Windows — versions 0
- Eset, Spol. S R.o. Eset Internet Security — versions 0
- Eset, Spol. S R.o. Eset Mail Security For Microsoft Exchange Server — versions 0
- Eset, Spol. S R.o. Eset Nod32 Antivirus — versions 0
- Eset, Spol. S R.o. Eset Safe Server — versions 0
- Eset, Spol. S R.o. Eset Security For Microsoft Sharepoint Server — versions 0
- Eset, Spol. S R.o. Eset Security Ultimate — versions 0
- Eset, Spol. S R.o. Eset Server Security For Windows — versions 0
- Eset, Spol. S R.o. Eset Small Business Security — versions 0
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2024-11859?
- CVE-2024-11859 is a vulnerability in Eset, Spol. S R.o. Eset Endpoint Antivirus For Windows, classified under Uncontrolled Search Path Element. Published 2025-04-07.
- Is CVE-2024-11859 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.