PT-2017-12713 · Kaspersky · Kaspersky Embedded Systems Security

Published

2017-12-08

·

Updated

2017-12-20

·

CVE-2017-12823

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Kaspersky Embedded Systems Security version 1.2.0.300
Description The issue is related to kernel pool memory corruption in one of the drivers, which can lead to local privilege escalation.
Recommendations For version 1.2.0.300, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2017-12823

Affected Products

Kaspersky Embedded Systems Security