CVE-2026-6423
Received Received - Intake

Local Privilege Escalation in ESET Inspect Connector

Vulnerability report for CVE-2026-6423, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: ESET

Description

A local privilege escalation vulnerability in ESET Inspect Connector.Β  The vulnerability was caused by improper authentication in an IPC channel.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-16
AI Q&A
2026-07-16
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
eset inspect_connector to 3.1.6017.0 (exc)
eset inspect_connector From 3.1.6017.0 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-269 The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-6423 is a local privilege escalation vulnerability in ESET Inspect Connector for Windows. It occurs due to improper authentication in an IPC channel, allowing unauthenticated attackers to send crafted ALPC requests to the vulnerable process. Without proper validation, these requests grant access to restricted functionality, enabling privilege escalation.

Detection Guidance

Detecting this vulnerability requires checking the version of ESET Inspect Connector installed on your system. Compare the installed version against the fixed build 3.1.6017.0 or later. If your version is 3.0.5775.0 or earlier, the system is vulnerable.

Impact Analysis

An attacker could exploit this vulnerability to gain elevated privileges on your system, potentially allowing them to perform unauthorized actions, access sensitive data, or take control of the affected machine. This could lead to system compromise or further network infiltration.

Mitigation Strategies

Immediately upgrade ESET Inspect Connector to version 3.1.6017.0 or later. Download the update from www.eset.com or the ESET Repository. Ensure no affected versions (3.0.5775.0 or earlier) remain in use.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6423. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart