5.3
CVE-2024-13614
- EPSS 0.02%
- Veröffentlicht 06.02.2025 17:15:18
- Zuletzt bearbeitet 06.02.2025 17:15:18
- Quelle vulnerability@kaspersky.com
- Teams Watchlist Login
- Unerledigt Login
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, Kaspersky Anti-Ransomware Tool that could allow an authenticated attacker to write data to a limited area outside the allocated kernel memory buffer. The fix was installed automatically for all Kaspersky Endpoint products.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerKaspersky
≫
Produkt
Kaspersky Anti-Virus SDK for Windows
Default Statusunaffected
Version <=
8.10.1.1943
Version
8.10.1.1943
Status
affected
Version <=
8.10.1.1943 CF
Version
8.10.1.1943 CF
Status
affected
HerstellerKaspersky
≫
Produkt
Kaspersky Security for Virtualization Light Agent
Default Statusunaffected
Version <
5.2.27.319
Version
5.2
Status
affected
Version <=
5.2.27.319
Version
5.2.27.319
Status
unknown
HerstellerKaspersky
≫
Produkt
Kaspersky Endpoint Security for Windows
Default Statusunknown
HerstellerKaspersky
≫
Produkt
Kaspersky Small Office Security
Default Statusunknown
HerstellerKaspersky
≫
Produkt
Kaspersky for Windows (Standard, Plus, Premium)
Default Statusunknown
HerstellerKaspersky
≫
Produkt
Kaspersky Free
Default Statusunknown
HerstellerKaspersky
≫
Produkt
Kaspersky Anti-Virus
Default Statusunknown
HerstellerKaspersky
≫
Produkt
Kaspersky Internet Security
Default Statusunknown
HerstellerKaspersky
≫
Produkt
Kaspersky Security Cloud
Default Statusunknown
HerstellerKaspersky
≫
Produkt
Kaspersky Safe Kids
Default Statusunknown
HerstellerKaspersky
≫
Produkt
Kaspersky Anti-Ransomware Tool
Default Statusunknown
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.032 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| vulnerability@kaspersky.com | 5.3 | 1 | 4.2 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.