CVE-2019-15685

Name of the Vulnerable Software and Affected Versions Kaspersky Anti-Virus versions up to 2020 Kaspersky Internet Security versions up to 2020 Kaspersky Total Security versions up to 2020 Kaspersky Free Anti-Virus versions up to 2020 Kaspersky Small Office Security versions up to 2020 Kaspersky Security Cloud versions up to 2020

Description The web protection component of the affected Kaspersky products contains an issue due to insufficient input validation, allowing a remote attacker to disable security features such as private browsing and anti-banner protection.

Recommendations For Kaspersky Anti-Virus versions up to 2020, consider disabling the web protection component until a patch is available. For Kaspersky Internet Security versions up to 2020, restrict access to the web protection component to minimize the risk of exploitation. For Kaspersky Total Security versions up to 2020, avoid using the private browsing feature in the web protection component until the issue is resolved. For Kaspersky Free Anti-Virus versions up to 2020, consider temporarily disabling the anti-banner protection feature. For Kaspersky Small Office Security versions up to 2020, restrict access to the web protection component. For Kaspersky Security Cloud versions up to 2020, consider disabling the web protection component.