CVE-2022-27534

EPSS 0.61%
Published 01.04.2022 23:15:14
Last modified 21.11.2024 06:55:53
Source vulnerability@kaspersky.com
Teams watchlist Login
Open Login

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Kaspersky ≫ Anti-virus Version < 12.03.2022

Kaspersky ≫ Endpoint Security Version < 12.03.2022

Kaspersky ≫ Internet Security Version < 12.03.2022

Kaspersky ≫ Security Cloud Version < 12.03.2022

Kaspersky ≫ Small Office Security Version < 12.03.2022

Kaspersky ≫ Total Security Version < 12.03.2022

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.61%	0.688

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_2

Broken Link

https://nvd.nist.gov/vuln/detail/CVE-2022-27534

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-27534

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-27534

EUVD