ESET Customer Advisory 2022-0012
July 27, 2022
ESET became aware of a vulnerability in ESET Endpoint Encryption and ESET Full Disk Encryption for Windows that enables a user logged into the system to cause a blue screen error (BSOD).
The vulnerability in the driver
dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD.
To our best knowledge, no existing exploits take advantage of this vulnerability in the wild.
The CVE ID reserved by ESET for this vulnerability is CVE-2022-2402 and the CVSS v3.1 base score is 6.5 with the following vector:
ESET has released fixed versions of ESET Endpoint Encryption and ESET Full Disk Encryption for Windows. We recommend users of the earlier, affected versions schedule upgrades to the fixed versions as soon as possible.
For ESET Full Disk Encryption for Windows, ESET recommends upgrading from the ESET PROTECT console.
For ESET Endpoint Encryption for Windows, a reinstallation is recommended. Users can upgrade client machines to a later version of ESET Endpoint Encryption.
The issue is resolved in the following builds:
- ESET Endpoint Encryption 220.127.116.11
- ESET Full Disk Encryption 18.104.22.168
Affected programs and versions
- ESET Endpoint Encryption 22.214.171.124 and earlier
- ESET Full Disk Encryption 126.96.36.199 and earlier
Feedback & support
ESET values the principles of coordinated disclosure within the security industry and would like to thank @SecAndStuff.
Version 1.0 (July 27, 2022): Initial version of this document