5.3
CVE-2024-13614
- EPSS 0.02%
- Published 06.02.2025 17:15:18
- Last modified 06.02.2025 17:15:18
- Source vulnerability@kaspersky.com
- Teams watchlist Login
- Open Login
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, Kaspersky Anti-Ransomware Tool that could allow an authenticated attacker to write data to a limited area outside the allocated kernel memory buffer. The fix was installed automatically for all Kaspersky Endpoint products.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorKaspersky
≫
Product
Kaspersky Anti-Virus SDK for Windows
Default Statusunaffected
Version <=
8.10.1.1943
Version
8.10.1.1943
Status
affected
Version <=
8.10.1.1943 CF
Version
8.10.1.1943 CF
Status
affected
VendorKaspersky
≫
Product
Kaspersky Security for Virtualization Light Agent
Default Statusunaffected
Version <
5.2.27.319
Version
5.2
Status
affected
Version <=
5.2.27.319
Version
5.2.27.319
Status
unknown
VendorKaspersky
≫
Product
Kaspersky Endpoint Security for Windows
Default Statusunknown
VendorKaspersky
≫
Product
Kaspersky Small Office Security
Default Statusunknown
VendorKaspersky
≫
Product
Kaspersky for Windows (Standard, Plus, Premium)
Default Statusunknown
VendorKaspersky
≫
Product
Kaspersky Free
Default Statusunknown
VendorKaspersky
≫
Product
Kaspersky Anti-Virus
Default Statusunknown
VendorKaspersky
≫
Product
Kaspersky Internet Security
Default Statusunknown
VendorKaspersky
≫
Product
Kaspersky Security Cloud
Default Statusunknown
VendorKaspersky
≫
Product
Kaspersky Safe Kids
Default Statusunknown
VendorKaspersky
≫
Product
Kaspersky Anti-Ransomware Tool
Default Statusunknown
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.032 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| vulnerability@kaspersky.com | 5.3 | 1 | 4.2 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.