CVE-2022-27534

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/04/2022
Last modified:
08/04/2022

Description

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:kaspersky:anti-virus:*:*:*:*:*:*:*:* 12.03.2022 (excluding)
cpe:2.3:a:kaspersky:endpoint_security:*:*:*:*:*:*:*:* 12.03.2022 (excluding)
cpe:2.3:a:kaspersky:internet_security:*:*:*:*:*:*:*:* 12.03.2022 (excluding)
cpe:2.3:a:kaspersky:security_cloud:*:*:*:*:*:*:*:* 12.03.2022 (excluding)
cpe:2.3:a:kaspersky:small_office_security:*:*:*:*:*:*:*:* 12.03.2022 (excluding)
cpe:2.3:a:kaspersky:total_security:*:*:*:*:*:*:*:* 12.03.2022 (excluding)