Skip to main content

Kaspersky Internet Security

2 CVEs product

Monthly

CVE-2019-15689 MEDIUM POC This Month

Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation RCE Information Disclosure Kaspersky Internet Security Secure Connection +2
NVD
CVSS 3.1
6.7
EPSS
0.8%
CVE-2014-5654 MEDIUM This Month

The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Kaspersky Internet Security
NVD
CVSS 2.0
5.4
EPSS
0.0%
EPSS 1% CVSS 6.7
MEDIUM POC This Month

Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation RCE Information Disclosure +4
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Kaspersky Internet Security
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy