TOCTOU race condition vulnerability in ESET products on Windows_CVE-2025-2425

{
    "lastseen": "",
    "description": "Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use the installed ESET security software to clear the content of an arbitrary file on the file system.",
    "published": "2025-07-18T09:20:52.051Z",
    "modified": "2025-07-18T11:37:03.044Z",
    "type": "cve",
    "title": "TOCTOU race condition vulnerability in ESET products on Windows",
    "source": "ESET",
    "references": "https://support.eset.com/en/ca8840-eset-customer-advisory-toctou-race-condition-vulnerability-in-eset-products-on-windows-fixed",
    "id": "CVE-2025-2425",
    "bulletinFamily": "",
    "cwe": [
        "CWE-367"
    ],
    "cvelist": null,
    "sourceData": "ESET, spol. s.r.o ESET NOD32 Antivirus 0\nESET, spol. s.r.o ESET Internet Security 0\nESET, spol. s.r.o ESET Smart Security Premium 0\nESET, spol. s.r.o ESET Security Ultimate 0\nESET, spol. s.r.o ESET Endpoint Antivirus for Windows 0\nESET, spol. s.r.o ESET Endpoint Antivirus for Windows 0\nESET, spol. s.r.o ESET Endpoint Security for Windows 0\nESET, spol. s.r.o ESET Endpoint Security for Windows 0\nESET, spol. s.r.o ESET Small Business Security 0\nESET, spol. s.r.o ESET Safe Server 0\nESET, spol. s.r.o ESET Server Security for Windows Server 0\nESET, spol. s.r.o ESET Server Security for Windows Server 0\nESET, spol. s.r.o ESET Mail Security for Microsoft Exchange Server 0\nESET, spol. s.r.o ESET Mail Security for Microsoft Exchange Server 0\nESET, spol. s.r.o ESET Security for Microsoft SharePoint Server 0\nESET, spol. s.r.o ESET Security for Microsoft SharePoint Server 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ESET NOD32 Antivirus",
    "version": "0",
    "vendor": "ESET, spol. s.r.o",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}