CVE-2025-13176
DLL Hijacking Vulnerability in ESET Inspect Connector Allows Code Execution
Publication date: 2026-01-30
Last updated on: 2026-01-30
Assigner: ESET
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| eset | inspect_connector | to 2.8.5555 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2025-13176 is a local privilege escalation vulnerability in ESET Inspect Connector for Windows. It allows a low-privileged user to plant a malicious configuration file that causes the software to load and execute a malicious DLL with SYSTEM-level permissions, thereby escalating the user's privileges. [1]
How can this vulnerability impact me? :
This vulnerability can allow an attacker with low privileges on a system to escalate their privileges to SYSTEM level, potentially gaining full control over the affected system. This can lead to unauthorized access, modification, or disruption of system operations. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if your system is running ESET Inspect Connector version 2.8.5555 or earlier on Windows OS. Since the issue involves planting a malicious configuration file that loads a malicious DLL, you should inspect the configuration file locations for unauthorized or suspicious files and verify the DLLs being loaded by the ESET Inspect Connector process. Specific commands are not provided in the resources, but typical steps include listing the installed version of ESET Inspect Connector and scanning for unusual DLLs or configuration files in the relevant directories. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to upgrade ESET Inspect Connector to version 3.0.5765 or later, which contains the fix for this local privilege escalation vulnerability. Users should obtain the fixed build from the ESET website or ESET Repository. Additionally, monitoring for unauthorized configuration files and DLLs can help reduce risk until the upgrade is applied. [1]