ESET Online Help

Search English
Select the topic


The Vulnerabilities section provides an overview of detected vulnerabilities on computers. The computer is scanned to detect any installed software vulnerable to security risks. Automated scanning with instant reporting to the console allows you to prioritize vulnerabilities based on severity, manage security risks and allocate resources effectively. A wide range of filtering options allows you to identify and focus on critical security issues.



To view and enable ESET Vulnerability & Patch Management, ensure you have one of the following tiers:




You can enable ESET Vulnerability & Patch Management only on Windows computers running:

ESET Management Agent version 10.1+

ESET Endpoint Security for Windows version 10.1+

ESET Endpoint Antivirus for Windows version 10.1+

ESET Server Security for Microsoft Windows Server version 11.0+


ESET Vulnerability & Patch Management is not supported on ARM processors.

Enable Vulnerability & Patch Management

1.Click Computers.

2.Select the computer/group where you want to enable Vulnerability & Patch Management.

3.Select Solutions and click Enable Vulnerability & Patch Management.

4.In the Enable Vulnerability & Patch Management window:

a.Verify the Auto-patch management for applications toggle is enabled to automatically apply missing patches to the selected computers.

b.Verify the Operating system auto-updates toggle is enabled to automatically apply OS updates to the selected computers.


Operating system auto-updates are only available for ESET Endpoint for Windows 11.0 and later.

c.The license is pre-selected.

d.Click the Enable button.


When Vulnerability & Patch Management is enabled:

The icon_vulnerabilities Vulnerabilities icon appears next to the computer name.

You can see the Vulnerability & Patch Management tile with the Active status in computer details.


Some applications require a computer restart and can restart computers automatically after an upgrade.


Some applications (for example, TeamViewer) can be licensed to a specific version. Revise your applications. To avoid an unnecessary upgrade, set Auto-patch strategy > Patch all except excluded applications while creating a policy.

View Vulnerabilities

You can view Vulnerabilities from several places:

Click Vulnerabilities in the main menu to open the Vulnerabilities section and view a list of vulnerabilities.

Click Computers > click the computer and click Details > in the Vulnerability & Patch Management tile, click Show vulnerabilities to open the Vulnerabilities section.

Click Computers > in the Vulnerabilities column, click the number of vulnerabilities on the selected computer to open the Vulnerabilities section.

Grouping of vulnerabilities

To group vulnerabilities, select from the drop-down menu:

Ungrouped—default view

Group by Application Name—vulnerabilities are grouped by vulnerable application name, with numbers of Affected Devices and Vulnerabilities. When grouped, click an application row and click Show Vulnerabilities to display vulnerabilities for the selected application.

Group by CVE—vulnerabilities are grouped by the CVE (Common Vulnerabilities and Exposure) number. A CVE is an identification number of a vulnerability. When grouped, click a CVE row and click Show Devices to display devices (computers) with the vulnerability.

Filtering the view

To add filtering criteria, click Add Filter and select item(s) from the list. Type the search string(s) or select the items from the drop-down menu in the filter field(s) and press Enter. Active filters are highlighted in blue.

Application name—the application name with the vulnerability

Application version—the application version

Application vendor—the application vendor with the vulnerability

Risk score—vulnerability risk score from 0 to 100

CVE—a CVE (Common Vulnerabilities and Exposure) number, which is an identification number of a vulnerability

Computer name—the name of the affected computer; click the computer name to view the details of the computer with the vulnerability

Category—Vulnerability category:

oApplication vulnerability

oOperating system vulnerability

First seen—The date and time when the vulnerability was first detected on the device


Risk score—assesses the severity of computer system security vulnerabilities. A risk score is calculated on the following:


CVE popularity—indicates the vulnerability activity level

Compromised risk rate—indicates the number of devices with confirmed vulnerability

CVE lifecycle—indicates the time elapsed since the vulnerability was first reported

A risk score is indicated in:

grey (0–29)—low severity

yellow (30–59)—medium severity

red (60–100)—critical severity

Vulnerability preview

Click an application name to view vulnerability details in a side panel. Vulnerability preview manipulation includes:

icon_apply_later_defaultNext—displays the next vulnerability in the vulnerability preview side panel

icon_apply_sooner_defaultPrevious—displays the previous vulnerability in the vulnerability preview side panel

gear_iconManage content for Vulnerability Details—manages how the vulnerability preview side panel sections are displayed and in what order

remove_defaultClose—closes the vulnerability preview side panel


For more information, refer to the list of apps covered in Vulnerabilities.

Mute/Unmute Vulnerability

You can mute or unmute vulnerability on devices:

Click the computer row and click Mute Vulnerability/Unmute Vulnerability

Select the computer and click the Mute Vulnerability/Unmute Vulnerability button at the bottom of the page

Select the computer and click the Actions button, then select Mute Vulnerability/Unmute Vulnerability

Vulnerability scan

You can start immediate vulnerability and missing patches scan on a selected device:

Click the computer row and select Computer > Scan > Vulnerability scan

Select the computer and click the Actions button, then select Computer > Scan > Vulnerability scan

Select any group, click gear_icon then select Tasks > Scan > Vulnerability scan

Task Start vulnerability scan is scheduled to execute as soon as possible.


The task may have a higher demand on the device resources for up to 10 minutes.


You can create a report template with vulnerability data and then add the report to the Dashboard.

For more information, see Vulnerability & Patch Management FAQ.