A vulnerability was found in ESET Personal Firewall NDIS filter up to 1183 %2820140214%29 (Firewall Software). It has been classified as problematic. Affected is an unknown code block of the component Firewall Module. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the issue as CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This is going to have an impact on confidentiality. CVE summarizes:

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls.

The weakness was presented 11/04/2014 by Kyriakos Economou (Website). The advisory is available at portcullis-security.com. This vulnerability is traded as CVE-2014-4974 since 07/15/2014. The exploitability is told to be easy. Local access is required to approach this attack. The exploitation doesn't require any form of authentication. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1592 by the MITRE ATT&CK project.

The vulnerability is also documented in the vulnerability database at X-Force (98312). See VDB-8770, VDB-40636 and VDB-70478 for similar entries.

Productinfo

Type

• Firewall Software

Vendor

• ESET

Name

• Personal Firewall NDIS filter

Version

• 1183 %2820140214%29

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion