CVE-2022-27534

Published: Apr 1, 2022Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).

Affected (6)

Products: Kaspersky: Anti Virus, Endpoint Security, Internet Security, Security Cloud, Small Office Security, Total Security

6 products

Small Office Security

Total Security

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Kaspersky Anti Virus	Before 12.03.2022
Kaspersky Endpoint Security	Before 12.03.2022
Kaspersky Internet Security	Before 12.03.2022
Kaspersky Security Cloud	Before 12.03.2022
Kaspersky Small Office Security	Before 12.03.2022
Kaspersky Total Security	Before 12.03.2022

References (2)

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_2

Source: vulnerability@kaspersky.com

Broken Link

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_2

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.