CVE-2020-10193

ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop.

Published: Mar 6, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-10193
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-436

Affected Software
References

Software	From	Fixed in
eset / smart_security	-	1294
eset / nod32_antivirus	-	1294
eset / mobile_security	-	1294
eset / smart_tv_security	-	1294
eset / nod32_antivirus	-	4
eset / mobile_security	1294	1294.x
eset / internet_security	-	1294
eset / cyber_security	-	1294

https://blog.zoller.lu/p/from-low-hanging-fruit-department_13.html

Vulnerability Database

289,697

CVE-2020-10193