RSS   Vulnerabilities for 'Endpoint security'   RSS

2022-04-01
 
CVE-2022-27534

NVD-CWE-noinfo
 

 
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).

 
2021-02-26
 
CVE-2020-26200

CWE-863
 

 
A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk (KRD) and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security (KES). This issue allowed to bypass the UEFI Secure Boot security feature. An attacker would need physical access to the computer to exploit it. Otherwise, local administrator privileges would be required to modify the boot loader component.

 

 >>> Vendor: Kaspersky 25 Products
Kaspersky anti-virus
Kaspersky internet security
Anti-virus
Endpoint security
Internet security
Total security
Kaspersky anti-virus scanner
Kaspersky online scanner
Kaspersky internet security 2010
Secure mail gateway
Protection
Total security 2015
Password manager
Safe browser
Anti-virus for linux server
Embedded systems security
Free anti-virus
Small office security
Security cloud
Secure connection
Vpn secure connection
Virus removal tool
Anti-ransomware tool
Tinycheck
Rescue disk


Copyright 2024, cxsecurity.com

 

Back to Top