CVE-2021-27223

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS

Se presentaba un problema de denegación de servicio en uno de los módulos incorporados en los productos Kaspersky Anti-Virus for home y Kaspersky Endpoint Security. Un usuario local podía causar el bloqueo de Windows al ejecutar un módulo binario especialmente diseñado. La corrección fue realizada de forma automática. Créditos: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-02-15 CVE Reserved
2022-04-01 CVE Published
2023-03-08 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (1)

URL	Tag	Source
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_1	Broken Link

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Kaspersky Search vendor "Kaspersky"		Anti-virus Search vendor "Kaspersky" for product "Anti-virus"				< 2021-06 Search vendor "Kaspersky" for product "Anti-virus" and version " < 2021-06"		-		Affected
Kaspersky Search vendor "Kaspersky"		Endpoint Security Search vendor "Kaspersky" for product "Endpoint Security"				< 2021-06 Search vendor "Kaspersky" for product "Endpoint Security" and version " < 2021-06"		-		Affected
Kaspersky Search vendor "Kaspersky"		Internet Security Search vendor "Kaspersky" for product "Internet Security"				< 2021-06 Search vendor "Kaspersky" for product "Internet Security" and version " < 2021-06"		-		Affected
Kaspersky Search vendor "Kaspersky"		Security Cloud Search vendor "Kaspersky" for product "Security Cloud"				< 2021-06 Search vendor "Kaspersky" for product "Security Cloud" and version " < 2021-06"		-		Affected
Kaspersky Search vendor "Kaspersky"		Small Office Security Search vendor "Kaspersky" for product "Small Office Security"				< 2021-06 Search vendor "Kaspersky" for product "Small Office Security" and version " < 2021-06"		-		Affected
Kaspersky Search vendor "Kaspersky"		Total Security Search vendor "Kaspersky" for product "Total Security"				< 2021-06 Search vendor "Kaspersky" for product "Total Security" and version " < 2021-06"		-		Affected