Vulnerability Description
A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis, Kurmangaleev Shamil, Fedotov Andrey, Kuts Daniil, Mishechkin Maxim, Akolzin Vitaliy) @ ISPRAS
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kaspersky | Anti-Virus | < 2021-06 |
| Kaspersky | Endpoint Security | < 2021-06 |
| Kaspersky | Internet Security | < 2021-06 |
| Kaspersky | Security Cloud | < 2021-06 |
| Kaspersky | Small Office Security | < 2021-06 |
| Kaspersky | Total Security | < 2021-06 |
References
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_1Broken Link
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#310322_1Broken Link
FAQ
What is CVE-2021-27223?
CVE-2021-27223 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a...
How severe is CVE-2021-27223?
CVE-2021-27223 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-27223?
Check the references section above for vendor advisories and patch information. Affected products include: Kaspersky Anti-Virus, Kaspersky Endpoint Security, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Small Office Security.