Description
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, Kaspersky Anti-Ransomware Tool that could allow an authenticated attacker to write data to a limited area outside the allocated kernel memory buffer. The fix was installed automatically for all Kaspersky Endpoint products.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
High
Affected products
- Kaspersky / Kaspersky Anti-Ransomware Tool
- Kaspersky / Kaspersky Anti-Virus
- Kaspersky / Kaspersky Anti-Virus SDK for Windows8.10.1.1943 – 8.10.1.1943
- Kaspersky / Kaspersky Anti-Virus SDK for Windows8.10.1.1943 CF – 8.10.1.1943 CF
- Kaspersky / Kaspersky Endpoint Security for Windows
- Kaspersky / Kaspersky for Windows (Standard, Plus, Premium)
- Kaspersky / Kaspersky Free
- Kaspersky / Kaspersky Internet Security
- Kaspersky / Kaspersky Safe Kids
- Kaspersky / Kaspersky Security Cloud
- Kaspersky / Kaspersky Security for Virtualization Light Agent5.2 – 5.2.27.319
- Kaspersky / Kaspersky Security for Virtualization Light Agent5.2.27.319 – 5.2.27.319
- Kaspersky / Kaspersky Small Office Security