CVE-2021-27223

Published: Apr 1, 2022Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS

Affected (6)

Products: Kaspersky: Anti Virus, Endpoint Security, Internet Security, Security Cloud, Small Office Security, Total Security

6 products

Small Office Security

Total Security

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Kaspersky Anti Virus	Before 2021-06
Kaspersky Endpoint Security	Before 2021-06
Kaspersky Internet Security	Before 2021-06
Kaspersky Security Cloud	Before 2021-06
Kaspersky Small Office Security	Before 2021-06
Kaspersky Total Security	Before 2021-06

References (2)

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_1

Source: vulnerability@kaspersky.com

Broken Link

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_1

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.