CVE-2024-0353: 
NixOS vulnerability analysis and mitigation

A local privilege escalation vulnerability (CVE-2024-0353) was discovered in ESET's Windows products, reported through the Zero Day Initiative (ZDI). The vulnerability was disclosed on February 14, 2024, affecting multiple ESET security products including NOD32 Antivirus, Internet Security, Smart Security Premium, and various server security solutions (ESET Advisory).

The vulnerability exists within the Real-time file system protection feature on Windows operating systems. It received a CVSS v3.1 score of 7.8 (High) with the vector string AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The flaw is related to improper privilege management (CWE-269) that could allow misuse of ESET's file operations (ESET Advisory, ZDI Advisory).

The vulnerability allows an attacker with low-privileged code execution capabilities to delete arbitrary files with NT AUTHORITY\SYSTEM privileges, effectively enabling privilege escalation on the affected system (ESET Advisory).

ESET has released fixed builds for all affected products and recommends users upgrade to these versions. For consumer products, version 17.0.10.0 and later are fixed. Various fixed versions are available for business and server products, including Endpoint Security, Server Security, and Mail Security solutions. Additionally, ESET released Cleaner module version 1248 as part of standard module updates to address the vulnerability for users without Azure Code Signing support (ESET Advisory).