Main Vulnerability Database Vulnerabilities #VU118593

#VU118593 Protection mechanism failure in Kaspersky Lab products - CVE-2025-64984

Published: November 18, 2025

Vulnerability identifier: #VU118593

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-64984

CWE-ID: CWE-693

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Endpoint Security for Linux
Industrial CyberSecurity for Linux Nodes
Endpoint Security for Mac

Software vendor:
Kaspersky Lab

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures. A remote attacker can bypass implemented security restrictions and perform XSS attacks against users protected with Kaspersky Endpoint Security solutions.

Remediation

It is recommended to update antivirus database to version 18.11.2025 or later to block known attack vectors.

External links

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#181125

#VU118593 Protection mechanism failure in Kaspersky Lab products - CVE-2025-64984

Description

Remediation

External links

Please verify you're human