Arbitrary Code Execution Vulnerability in Kaspersky Anti-Virus Products

Arbitrary Code Execution Vulnerability in Kaspersky Anti-Virus Products

CVE-2022-27534 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).

Learn more about our Web Application Penetration Testing UK.