{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-04T00:25:36.734","vulnerabilities":[{"cve":{"id":"CVE-2025-5028","sourceIdentifier":"security@eset.com","published":"2025-07-11T07:15:23.940","lastModified":"2026-06-17T09:47:03.297","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Installation file of ESET security products on Windows \n\nallow an attacker to misuse to delete an arbitrary file without having the permissions to do so."},{"lang":"es","value":"Los archivos de instalación de los productos de seguridad de ESET en Windows permiten que un atacante haga un mal uso de ellos para eliminar un archivo arbitrario sin tener los permisos para hacerlo."}],"affected":[{"source":"security@eset.com","affectedData":[{"vendor":"ESET, spol. s.r.o","product":"ESET NOD32 Antivirus","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"18.1.13.0","versionType":"custom","status":"affected"}]},{"vendor":"ESET, spol. s.r.o","product":"ESET Internet Security","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"18.1.13.0","versionType":"custom","status":"affected"}]},{"vendor":"ESET, spol. s.r.o","product":"ESET Smart Security Premium","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"18.1.13.0","versionType":"custom","status":"affected"}]},{"vendor":"ESET, spol. s.r.o","product":"ESET Security Ultimate","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"18.1.13.0","versionType":"custom","status":"affected"}]},{"vendor":"ESET, spol. s.r.o","product":"ESET Endpoint Antivirus for Windows","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"12.0.2049.0","versionType":"custom","status":"affected"},{"version":"0","lessThanOrEqual":"11.1.2059.0","versionType":"custom","status":"affected"}]},{"vendor":"ESET, spol. s.r.o","product":"ESET Endpoint Security for Windows","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"12.0.2049.0","versionType":"custom","status":"affected"},{"version":"0","lessThanOrEqual":"11.1.2059.0","versionType":"custom","status":"affected"}]},{"vendor":"ESET, spol. s.r.o","product":"ESET Small Business Security","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"18.1.13.0","versionType":"custom","status":"affected"}]},{"vendor":"ESET, spol. s.r.o","product":"ESET Safe Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"18.1.13.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@eset.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-11T16:11:20.838647Z","id":"CVE-2025-5028","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@eset.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://support.eset.com/en/ca8838-arbitrary-file-deletion-vulnerability-in-eset-product-installers-on-windows-fixed","source":"security@eset.com"}]}}]}