Lucene search
K

18 matches found

Securelist
Securelist
added 2026/03/18 11:0 a.m.19 views

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Introduction In this installment of our SOC Files series, we will walk you through a targeted campaign that our MDR team identified and hunted down a few months ago. It involves a threat known as Horabot , a bundle consisting of an infamous banking Trojan, an email spreader, and a notably complex...

6AI score
Exploits0
CNNVD
CNNVD
added 2025/11/20 12:0 a.m.4 views

Kaspersky Endpoint Security和Kaspersky Industrial CyberSecurity for Linux Nodes 安全漏洞

Kaspersky Endpoint Security and Kaspersky Industrial CyberSecurity for Linux Nodes are both products of the Swiss company Kaspersky.Kaspersky Endpoint Security is an endpoint protection software. Kaspersky Industrial CyberSecurity for Linux Nodes is an industrial network security software. A...

6.1CVSS6AI score0.00155EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 9:52 p.m.10 views

CVE-2022-27534

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev Positive...

9.8CVSS7.6AI score0.03016EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.5 views

Kaspersky多款产品 安全漏洞

Kaspersky Anti-Virus is a suite of antivirus software, Kaspersky Internet Security is a suite of security software with both anti-virus and firewall features. Internet Security is a suite of antivirus software for Internet security.Kaspersky Anti-Ransomware Tool is a security software that provid...

5.3CVSS6.5AI score0.00128EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.2 views

PT-2024-1793 · Kaspersky · Kaspersky Endpoint Security For Windows

Name of the Vulnerable Software and Affected Versions: Kaspersky Endpoint Security for Windows affected versions not specified Description: The issue is related to insecure privilege management in Kaspersky Endpoint Security for Windows. It may allow a remote attacker to suspend the operation of...

1.7CVSS7AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/02 12:0 a.m.6 views

The vulnerability of the installation file of the Kaspersky Endpoint Security antivirus software and the Kavremover utility allows a malicious actor to execute an external executable file from within the installation process.

The vulnerability of the installation file of Kaspersky Endpoint Security and the Kavremover utility is related to an uncontrolled element in the search path. Exploiting this vulnerability could allow a malicious actor to execute an external executable file from within the installation process...

3.3CVSS5.6AI score
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.2 views

PT-2022-5289 · Kaspersky · Kavremover +1

Name of the Vulnerable Software and Affected Versions: Kaspersky Endpoint Security affected versions not specified Kavremover affected versions not specified Description: The issue is related to an uncontrolled search path element in the installation file of Kaspersky Endpoint Security and the...

1.7CVSS7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.3 views

PT-2022-5288 · Kaspersky · Kavremover +1

Name of the Vulnerable Software and Affected Versions: Kaspersky Endpoint Security affected versions not specified Kavremover affected versions not specified Description: The issue is related to an uncontrolled search path element in the installation file of Kaspersky Endpoint Security and the...

1.7CVSS6.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/04/04 12:0 a.m.7 views

The vulnerability of the modules related to antivirus protection software, such as Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, Kaspersky Security Cloud, and Kaspersky Endpoint Security, is related to vulnerabilities in access control. These vulnerabilities allow attackers to trigger an emergency shutdown of the Microsoft Windows operating system.

The vulnerability of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, Kaspersky Security Cloud, and Kaspersky Endpoint Security modules is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to...

4.4CVSS5.9AI score0.00194EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/11/02 12:0 a.m.6 views

The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows involves errors during path restriction for restricted access directories. This allows a malicious user to trigger a service failure when loading the operating system.

The vulnerability of Kaspersky Endpoint Security for Windows relates to errors during path limitation for restricted access directories. Exploiting this vulnerability can allow a malicious actor to cause a service failure when the operating system is loaded...

5CVSS6.6AI score0.02518EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/31 12:0 a.m.17 views

The vulnerability of the Web Antivirus component of Kaspersky Endpoint Security allows a perpetrator to compromise data integrity.

The vulnerability of the Web Antivirus component of Kaspersky Endpoint Security relates to insufficient checking of file paths for reparse points. Exploiting this vulnerability can allow attackers to compromise data integrity...

5.5CVSS5.5AI score
Exploits0References1Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.8 views

The vulnerability of the Kaspersky Endpoint Security anti-virus protection component and the Kaspersky Rescue Disk boot disk, related to insufficient verification of data authenticity, allows attackers to bypass the UEFI Secure Boot security mechanism.

The vulnerability of the Kaspersky Endpoint Security anti-virus protection component and the Kaspersky Rescue Disk boot disk is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow a remote attacker to bypass the UEFI Secure Boot security mechanism...

5.3CVSS7AI score0.00231EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2021/02/17 12:0 a.m.6 views

PT-2021-2011

Name of the Vulnerable Software and Affected Versions: Kaspersky Endpoint Security affected versions not specified Kaspersky Rescue Disk affected versions not specified Description: A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of...

6.8CVSS5.8AI score0.00231EPSS
Exploits0References7
hackapp
hackapp
added 2016/11/29 1:36 p.m.37 views

Kaspersky Endpoint Security - Certificates or keys found, Corrupted files, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Kaspersky Endpoint Security published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/11/01 12:0 a.m.2 views

Kaspersky Endpoint Security for Windows MD5 Local Information Disclosure Vulnerability

Kaspersky Endpoint Security for Windows is a suite of Windows-based security software that provides digital threat protection for business users. A local information disclosure vulnerability exists in Kaspersky Endpoint Security for Windows, which can be exploited by local attackers to obtain...

5.9AI score
Exploits0References1
CNVD
CNVD
added 2015/11/01 12:0 a.m.1 views

Kaspersky Endpoint Security 'avp.exe' Authentication Bypass Vulnerability

Kaspersky Endpoint Security is a suite of security software that provides digital threat protection protection for business users. Kaspersky Endpoint Security suffers from an authentication bypass vulnerability that could be exploited by an attacker to bypass authentication mechanisms and perform...

7AI score
Exploits0References1
securityvulns
securityvulns
added 2015/10/05 12:0 a.m.232 views

[SYSS-2015-001] Kaspersky Endpoint Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-001 Product: Kaspersky Endpoint Security for Windows KES Manufacturer: Kaspersky Lab ZAO Affected Versions: 8.1.0.1042, 10.2.1.23 Tested Versions: 8.1.0.1042, 10.2.1.23 Vulnerability Type: Authentication Bypass Using an...

Exploits0
0day.today
0day.today
added 2015/10/02 12:0 a.m.95 views

Kaspersky Endpoint Security For Windows 8.1.0.1042 / 10.2.1.23 Authentication Bypass

By analyzing the password-based authentication for unloading the Kaspersky Endpoint Security for Windows protection, the SySS GmbH found out, that the password comparison is done within the process avp.exe, which runs or can be run in the context of the current Windows user, who can also be a...

7.3AI score
Exploits0
Rows per page
Query Builder