9.8
CVE-2022-27534
- EPSS 0.61%
- Veröffentlicht 01.04.2022 23:15:14
- Zuletzt bearbeitet 21.11.2024 06:55:53
- Quelle vulnerability@kaspersky.com
- Teams Watchlist Login
- Unerledigt Login
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Kaspersky ≫ Anti-virus Version < 12.03.2022
Kaspersky ≫ Endpoint Security Version < 12.03.2022
Kaspersky ≫ Internet Security Version < 12.03.2022
Kaspersky ≫ Security Cloud Version < 12.03.2022
Kaspersky ≫ Small Office Security Version < 12.03.2022
Kaspersky ≫ Total Security Version < 12.03.2022
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.61% | 0.688 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|