In an alarming security incident, a threat actor known as ToddyCat exploited a critical vulnerability in ESET's cybersecurity solution to deliver covert malware, identified as TCESB, to Windows devices. The breach was enabled by CVE-2024-11859, which allowed attackers to manipulate the library loading process of ESET's command-line scanner. By positioning a malicious version.dll file so that the scanner loaded it, the attackers were able to run their malware and evade detection mechanisms. The impact could extend to various user groups: the compromised solution deployed stealth malware that could disrupt systems, potentially leading to data leaks, reputation damage, or more severe consequences if the malware affected critical infrastructure or sensitive targets.
"id": "ese939041025",
"linkid": "eset",
"type": "Vulnerability",
"date": "4/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"