CVE-2025-4952 MEDIUM

CVE-2025-4952: Denial-of-service vulnerability in ESET security products for Windows

Weakness CWE-732
Published October 31, 2025
Last update October 31, 2025

CVSS base score

6.8/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.

Key dates

02Disclosure timeline

October 31, 2025 CVE published
October 31, 2025 Record updated