CVE-2022-27534
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases lanzados antes del 12 de marzo de 2022, tenían un error en un módulo de análisis de datos que potencialmente permitía a un atacante ejecutar código arbitrario. La corrección fue realizada de forma automática. Créditos: Georgy Zaytsev (Positive Technologies)
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-03-21 CVE Reserved
- 2022-04-01 CVE Published
- 2024-08-03 CVE Updated
- 2024-11-05 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_2 | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Kaspersky Search vendor "Kaspersky" | Anti-virus Search vendor "Kaspersky" for product "Anti-virus" | < 12.03.2022 Search vendor "Kaspersky" for product "Anti-virus" and version " < 12.03.2022" | - |
Affected
| ||||||
| Kaspersky Search vendor "Kaspersky" | Endpoint Security Search vendor "Kaspersky" for product "Endpoint Security" | < 12.03.2022 Search vendor "Kaspersky" for product "Endpoint Security" and version " < 12.03.2022" | - |
Affected
| ||||||
| Kaspersky Search vendor "Kaspersky" | Internet Security Search vendor "Kaspersky" for product "Internet Security" | < 12.03.2022 Search vendor "Kaspersky" for product "Internet Security" and version " < 12.03.2022" | - |
Affected
| ||||||
| Kaspersky Search vendor "Kaspersky" | Security Cloud Search vendor "Kaspersky" for product "Security Cloud" | < 12.03.2022 Search vendor "Kaspersky" for product "Security Cloud" and version " < 12.03.2022" | - |
Affected
| ||||||
| Kaspersky Search vendor "Kaspersky" | Small Office Security Search vendor "Kaspersky" for product "Small Office Security" | < 12.03.2022 Search vendor "Kaspersky" for product "Small Office Security" and version " < 12.03.2022" | - |
Affected
| ||||||
| Kaspersky Search vendor "Kaspersky" | Total Security Search vendor "Kaspersky" for product "Total Security" | < 12.03.2022 Search vendor "Kaspersky" for product "Total Security" and version " < 12.03.2022" | - |
Affected
| ||||||