Vulnerabilities > CVE-2022-27535 - Unspecified vulnerability in Kaspersky VPN Secure Connection 5.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its 'Delete All Service Data And Reports' feature by the local authenticated attacker.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 | |
OS | 1 |
References
- https://forum.kaspersky.com/topic/kaspersky-statement-on-cve-2022-27535-26742/
- https://forum.kaspersky.com/topic/kaspersky-statement-on-cve-2022-27535-26742/
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#050822
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#050822
- https://www.synopsys.com/blogs/software-security/cyrc-advisory-kasperksy-vpn-microsoft-windows/
- https://www.synopsys.com/blogs/software-security/cyrc-advisory-kasperksy-vpn-microsoft-windows/