CVE-2024-13614
Published: Feb 6, 2025
Modified: Feb 12, 2025
CVSS v3.1
5.3
Description
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, Kaspersky Anti-Ransomware Tool that could allow an authenticated attacker to write data to a limited area outside the allocated kernel memory buffer. The fix was installed automatically for all Kaspersky Endpoint products.
| Vendor | Product | Versions |
|---|---|---|
Kaspersky | Kaspersky Anti-Virus SDK for Windows | affected 8.10.1.1943 - <= 8.10.1.1943affected 8.10.1.1943 CF - <= 8.10.1.1943 CF |
Kaspersky | Kaspersky Security for Virtualization Light Agent | affected 5.2 - < 5.2.27.319unknown 5.2.27.319 - <= 5.2.27.319 |
Kaspersky | Kaspersky Endpoint Security for Windows | All versions |
Kaspersky | Kaspersky Small Office Security | All versions |
Kaspersky | Kaspersky for Windows (Standard, Plus, Premium) | All versions |
Kaspersky | Kaspersky Free | All versions |
Kaspersky | Kaspersky Anti-Virus | All versions |
Kaspersky | Kaspersky Internet Security | All versions |
Kaspersky | Kaspersky Security Cloud | All versions |
Kaspersky | Kaspersky Safe Kids | All versions |
Kaspersky | Kaspersky Anti-Ransomware Tool | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now