CVE-2025-2425 - Vulnerability Details - OpenCVE

Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction Active

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed

History

Fri, 18 Jul 2025 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 18 Jul 2025 09:45:00 +0000

Type	Values Removed	Values Added
Description		Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.
Title		TOCTOU race condition vulnerability in ESET products on Windows
Weaknesses		CWE-367
References		https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed
Metrics		cvssV4_0 `{'score': 5.1, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: ESET

Published: 2025-07-18T09:20:52.051Z

Updated: 2025-07-18T11:37:03.044Z

Reserved: 2025-03-17T14:49:00.303Z

Link: CVE-2025-2425

Vulnrichment

Updated: 2025-07-18T11:36:55.458Z

NVD

Status : Awaiting Analysis

Published: 2025-07-18T10:15:30.050

Modified: 2025-07-22T13:06:27.983

Link: CVE-2025-2425

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2425", "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "state": "PUBLISHED", "assignerShortName": "ESET", "dateReserved": "2025-03-17T14:49:00.303Z", "datePublished": "2025-07-18T09:20:52.051Z", "dateUpdated": "2025-07-18T11:37:03.044Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ESET NOD32 Antivirus", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Internet Security", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Smart Security Premium", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Security Ultimate", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Endpoint Antivirus for Windows", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "12.0.2049.0", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "11.1.2059.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Endpoint Security for Windows", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "12.0.2049.0", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "11.1.2059.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Small Business Security", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Safe Server", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "18.1.13.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Server Security for Windows Server", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "12.0.12004.0", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "11.1.12009.1", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Mail Security for Microsoft Exchange Server", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "12.0.10003.0", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "11.1.10011.0", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "ESET Security for Microsoft SharePoint Server", "vendor": "ESET, spol. s.r.o", "versions": [{"lessThanOrEqual": "12.0.15004.0", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "11.1.15003.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2025-07-16T10:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.</span>"}], "value": "Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "shortName": "ESET", "dateUpdated": "2025-07-18T09:20:52.051Z"}, "references": [{"url": "https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed"}], "source": {"advisory": "ca8840", "discovery": "UNKNOWN"}, "title": "TOCTOU race condition vulnerability in ESET products on Windows", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-18T11:36:44.282751Z", "id": "CVE-2025-2425", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T11:37:03.044Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2425", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-18T11:36:44.282751Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-18T11:36:55.458Z"}}], "cna": {"title": "TOCTOU race condition vulnerability in ESET products on Windows", "source": {"advisory": "ca8840", "discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ESET, spol. s.r.o", "product": "ESET NOD32 Antivirus", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Internet Security", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Smart Security Premium", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Security Ultimate", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Endpoint Antivirus for Windows", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "12.0.2049.0"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "11.1.2059.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Endpoint Security for Windows", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "12.0.2049.0"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "11.1.2059.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Small Business Security", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Safe Server", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "18.1.13.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Server Security for Windows Server", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "12.0.12004.0"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "11.1.12009.1"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Mail Security for Microsoft Exchange Server", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "12.0.10003.0"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "11.1.10011.0"}], "defaultStatus": "unaffected"}, {"vendor": "ESET, spol. s.r.o", "product": "ESET Security for Microsoft SharePoint Server", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "12.0.15004.0"}, {"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "11.1.15003.0"}], "defaultStatus": "unaffected"}], "datePublic": "2025-07-16T10:00:00.000Z", "references": [{"url": "https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition"}]}], "providerMetadata": {"orgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "shortName": "ESET", "dateUpdated": "2025-07-18T09:20:52.051Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2425", "state": "PUBLISHED", "dateUpdated": "2025-07-18T11:37:03.044Z", "dateReserved": "2025-03-17T14:49:00.303Z", "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215", "datePublished": "2025-07-18T09:20:52.051Z", "assignerShortName": "ESET"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system."}, {"lang": "es", "value": "La vulnerabilidad de condici\u00f3n de ejecuci\u00f3n de tiempo de verificaci\u00f3n a tiempo de uso potencialmente permiti\u00f3 que un atacante usara el software de seguridad ESET instalado para borrar el contenido de un archivo arbitrario en el sistema de archivos."}], "id": "CVE-2025-2425", "lastModified": "2025-07-22T13:06:27.983", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@eset.com", "type": "Secondary"}]}, "published": "2025-07-18T10:15:30.050", "references": [{"source": "security@eset.com", "url": "https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed"}], "sourceIdentifier": "security@eset.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "security@eset.com", "type": "Secondary"}]}