CVE-2022-27534

2022-04-0122:17:49

Kaspersky

www.cve.org

9.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.1%

JSON

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).

CNA Affected

[
  {
    "product": "Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "with antivirus databases released before 12.03.2022"
      }
    ]
  }
]

References

support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_2