CVE-2025-5028 - Vulnerability Details - OpenCVE

Installation file of ESET security products on Windows

allow an attacker to misuse to delete an arbitrary file without having the permissions to do so.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction Active

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00015.

Exploitation none

Automatable no

Technical Impact total

No data.

No data.

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2025-21123	Installation file of ESET security products on Windows allow an attacker to misuse to delete an arbitrary file without having the permissions to do so.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://support.eset.com/en/ca8838-arbitrary-file-deletion-vulnerability-in-eset-product-installers-on-windows-fixed

History

Fri, 11 Jul 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 11 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics		epss `{'score': 0.00011}`

Fri, 11 Jul 2025 06:45:00 +0000

Type	Values Removed	Values Added
Description		Installation file of ESET security products on Windows allow an attacker to misuse to delete an arbitrary file without having the permissions to do so.
Title		Arbitrary file deletion vulnerability in ESET product installers
Weaknesses		CWE-269
References		https://support.eset.com/en/ca8838-arbitrary-file-deletion-vulnerability-in-eset-product-installers-on-windows-fixed
Metrics		cvssV4_0 `{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: ESET

Published: 2025-07-11T06:40:28.636Z

Updated: 2025-07-11T16:11:55.884Z

Reserved: 2025-05-21T09:28:16.965Z

Link: CVE-2025-5028

Vulnrichment

Updated: 2025-07-11T16:11:24.291Z

NVD

Status : Awaiting Analysis

Published: 2025-07-11T07:15:23.940

Modified: 2025-07-15T13:14:49.980

Link: CVE-2025-5028

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-5028", "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "state": "PUBLISHED", "assignerShortName": "ESET", "dateReserved": "2025-05-21T09:28:16.965Z", "datePublished": "2025-07-11T06:40:28.636Z", "dateUpdated": "2025-07-11T16:11:55.884Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ESET NOD32 Antivirus", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Internet Security", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Smart Security Premium", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Security Ultimate", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Endpoint Antivirus for Windows", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "12.0.2049.0", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "11.1.2059.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Endpoint Security for Windows", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "12.0.2049.0", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "11.1.2059.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Small Business Security", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Safe Server", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2025-07-09T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Installation file of ESET security products on Windows \n\nallow an attacker to misuse to delete an arbitrary file without having the permissions to do so.</span>"}], "value": "Installation file of ESET security products on Windows \n\nallow an attacker to misuse\u00a0to delete an arbitrary file without having the permissions to do so."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "shortName": "ESET", "dateUpdated": "2025-07-11T06:40:28.636Z"}, "references": [{"url": "https://support.eset.com/en/ca8838-arbitrary-file-deletion-vulnerability-in-eset-product-installers-on-windows-fixed"}], "source": {"discovery": "UNKNOWN"}, "title": "Arbitrary file deletion vulnerability in ESET product installers", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-11T16:11:20.838647Z", "id": "CVE-2025-5028", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-11T16:11:55.884Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5028", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-11T16:11:20.838647Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-11T16:11:24.291Z"}}], "cna": {"title": "Arbitrary file deletion vulnerability in ESET product installers", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ESET, spol. s.r.o", "product": "ESET NOD32 Antivirus", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Internet Security", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Smart Security Premium", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Security Ultimate", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Endpoint Antivirus for Windows", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "12.0.2049.0"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "11.1.2059.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Endpoint Security for Windows", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "12.0.2049.0"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "11.1.2059.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Small Business Security", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Safe Server", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}], "datePublic": "2025-07-09T10:00:00.000Z", "references": [{"url": "https://support.eset.com/en/ca8838-arbitrary-file-deletion-vulnerability-in-eset-product-installers-on-windows-fixed"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Installation file of ESET security products on Windows \n\nallow an attacker to misuse\u00a0to delete an arbitrary file without having the permissions to do so.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Installation file of ESET security products on Windows \n\nallow an attacker to misuse to delete an arbitrary file without having the permissions to do so.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "shortName": "ESET", "dateUpdated": "2025-07-11T06:40:28.636Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5028", "state": "PUBLISHED", "dateUpdated": "2025-07-11T16:11:55.884Z", "dateReserved": "2025-05-21T09:28:16.965Z", "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "datePublished": "2025-07-11T06:40:28.636Z", "assignerShortName": "ESET"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Installation file of ESET security products on Windows \n\nallow an attacker to misuse\u00a0to delete an arbitrary file without having the permissions to do so."}, {"lang": "es", "value": "Los archivos de instalaci\u00f3n de los productos de seguridad de ESET en Windows permiten que un atacante haga un mal uso de ellos para eliminar un archivo arbitrario sin tener los permisos para hacerlo."}], "id": "CVE-2025-5028", "lastModified": "2025-07-15T13:14:49.980", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@eset.com", "type": "Secondary"}]}, "published": "2025-07-11T07:15:23.940", "references": [{"source": "security@eset.com", "url": "https://support.eset.com/en/ca8838-arbitrary-file-deletion-vulnerability-in-eset-product-installers-on-windows-fixed"}], "sourceIdentifier": "security@eset.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@eset.com", "type": "Secondary"}]}