Vulnerabilities > CVE-2021-27223 - Unspecified vulnerability in Kaspersky products

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

kaspersky

NVD

Published: 2022-04-01

Updated: 2022-04-11

Summary

A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS

Vulnerable Configurations

Part	Description	Count
Application	Kaspersky Kaspersky Anti Virus 16.0.0.614 Kaspersky Anti Virus 2019 Kaspersky Endpoint Security 10 Kaspersky Endpoint Security 11.0.0 Kaspersky Endpoint Security 11.0.1 Kaspersky Endpoint Security 11.1.0 Kaspersky Endpoint Security 11.6.0 Kaspersky Internet Security - Kaspersky Internet Security 11.12.4.1622 Kaspersky Internet Security 16.0.0 Kaspersky Internet Security 16.0.0.614 Kaspersky Internet Security 21.1 Kaspersky Internet Security 2019 Kaspersky Security Cloud 2019 Kaspersky Security Cloud 2020 Kaspersky Small Office Security - Kaspersky Small Office Security 4.0 Kaspersky Small Office Security 5.0 Kaspersky Small Office Security 6.0 Kaspersky Total Security 16.0.0.614 Kaspersky Total Security 2019 Kaspersky Total Security 2020	28

References

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_1