Link following in Kaspersky VPN Secure Connection - CVE-2022-27535
Published: August 5, 2022 / Updated: August 9, 2022
Kaspersky VPN Secure Connection
Kaspersky Lab
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insecure link following when deleting folders via support tools. A local user can create a specially crafted symbolic link to a critical folder on the system and have it deleted via the "Delete service data and reports" feature, which can result in future privilege escalation.
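The link-following pattern described above, shown as an added example (not Kaspersky's code and not part of the advisory): a cleanup routine that resolves links, next to one that opens every directory with O_NOFOLLOW and works relative to that descriptor. The function names, folder names and the POSIX temp-directory layout are constructed for illustration.

```python
import os
import stat
import tempfile

NOFOLLOW_DIR = os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW

def naive_delete(path):
    # Flawed pattern: os.path.isdir() resolves symlinks, so a link to a
    # directory is entered and the target's contents are deleted.
    for name in os.listdir(path):
        full = os.path.join(path, name)
        if os.path.isdir(full):
            naive_delete(full)
            if os.path.islink(full):
                os.unlink(full)
            else:
                os.rmdir(full)
        else:
            os.remove(full)

def safe_delete(path, dir_fd=None):
    # Hardened pattern: each directory is opened with O_NOFOLLOW and handled
    # through its descriptor, so a symlink is unlinked itself and never
    # traversed, even if it is swapped in between lstat() and open().
    fd = os.open(path, NOFOLLOW_DIR, dir_fd=dir_fd)
    try:
        for name in os.listdir(fd):
            if stat.S_ISDIR(os.lstat(name, dir_fd=fd).st_mode):
                safe_delete(name, dir_fd=fd)
                os.rmdir(name, dir_fd=fd)
            else:
                os.unlink(name, dir_fd=fd)
    finally:
        os.close(fd)

def protected_survives(delete_fn):
    # Constructed layout: a user-writable data folder containing a symlink
    # to a separate "protected" folder. True if the protected file survives.
    with tempfile.TemporaryDirectory() as base:
        protected = os.path.join(base, "protected")
        data = os.path.join(base, "service_data")
        os.mkdir(protected)
        os.mkdir(data)
        keep = os.path.join(protected, "critical.cfg")
        for p in (keep, os.path.join(data, "report.log")):
            open(p, "w").close()
        os.symlink(protected, os.path.join(data, "reports"))
        delete_fn(data)
        return os.path.exists(keep) and os.listdir(data) == []
```

O_NOFOLLOW only guards the final path component, so a privileged cleanup should also ensure that the parent directories of the data folder are not writable by unprivileged users.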