CVE-2020-27020

Published: May 14, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).

Vendor	Product	Versions
n/a	Kaspersky Password Manager for Windows, Kaspersky Password Manager for Android, Kaspersky Password Manager for iOS	affected `KPM for Windows prior to 9.2 Patch F, KPM for Android prior to 9.2.14.872, KPM for iOS prior to 9.2.14.31`

References

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-27020

Description

Affected Products

References