Lucene search

[email protected]CVE-2019-15689

HistoryDec 02, 2019 - 9:15 p.m.

CVE-2019-15689

2019-12-0221:15:16

CWE-668

[email protected]

web.nvd.nist.gov

kaspersky

security

vulnerability

cve-2019-15689

whitelisting bypass

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products

Affected configurations

NVD

Node

kasperskykaspersky_internet_securityMatch2019-

kasperskykaspersky_internet_securityMatch2019patch_f

kasperskykaspersky_internet_securityMatch2019patch_i

kasperskykaspersky_internet_securityMatch2019patch_j

kasperskysecure_connectionMatch3.0

kasperskysecure_connectionMatch4.0

kasperskysecurity_cloudMatch2019-

kasperskysecurity_cloudMatch2019patch_i

kasperskysecurity_cloudMatch2019patch_j

kasperskysecurity_cloudMatch2020-

kasperskytotal_securityMatch2019-

kasperskytotal_securityMatch2019patch_f

kasperskytotal_securityMatch2019patch_i

kasperskytotal_securityMatch2019patch_j

kasperskytotal_securityMatch2020

CPENameOperatorVersion
kaspersky:kaspersky_internet_securitykaspersky kaspersky internet securityeq2019
kaspersky:secure_connectionkaspersky secure connectioneq3.0
kaspersky:secure_connectionkaspersky secure connectioneq4.0
kaspersky:security_cloudkaspersky security cloudeq2019
kaspersky:security_cloudkaspersky security cloudeq2020
kaspersky:total_securitykaspersky total securityeq2019
kaspersky:total_securitykaspersky total securityeq2020

CPE	Name	Operator	Version
kaspersky:kaspersky_internet_security	kaspersky kaspersky internet security	eq	2019
kaspersky:secure_connection	kaspersky secure connection	eq	3.0
kaspersky:secure_connection	kaspersky secure connection	eq	4.0
kaspersky:security_cloud	kaspersky security cloud	eq	2019
kaspersky:security_cloud	kaspersky security cloud	eq	2020
kaspersky:total_security	kaspersky total security	eq	2019
kaspersky:total_security	kaspersky total security	eq	2020

CNA Affected

[
  {
    "product": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud",
    "vendor": "Kaspersky",
    "versions": [
      {
        "status": "affected",
        "version": "prior to version 2020 patch E"
      }
    ]
  }
]

References

safebreach.com/Post/Kaspersky-Secure-Connection-DLL-Preloading-and-Potential-Abuses-CVE-2019-15689

support.kaspersky.com/general/vulnerability.aspx?el=12430#021219

www.symantec.com/security-center/vulnerabilities/writeup/111033

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2019-15689

prion1 cvelist1 nvd1 symantec1