PT-2022-2063 · Kaspersky · Kaspersky Internet Security +5

Georgy Zaytsev · Published 2022-03-31 · Updated 2022-04-08 · CVE-2022-27534

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security versions prior to 12 March 2022
Kaspersky Internet Security versions prior to 12 March 2022
Kaspersky Total Security versions prior to 12 March 2022
Kaspersky Small Office Security versions prior to 12 March 2022
Kaspersky Security Cloud versions prior to 12 March 2022

Description

The issue is a bug in a data parsing module of Kaspersky Anti-Virus products that is associated with unlimited resource allocation. Exploitation of this issue may allow a remote attacker to execute arbitrary code.

Recommendations

For Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security versions prior to 12 March 2022, the fix was delivered automatically.
For Kaspersky Internet Security versions prior to 12 March 2022, consider updating to a version released after 12 March 2022.
For Kaspersky Total Security versions prior to 12 March 2022, consider updating to a version released after 12 March 2022.
For Kaspersky Small Office Security versions prior to 12 March 2022, consider updating to a version released after 12 March 2022.
For Kaspersky Security Cloud versions prior to 12 March 2022, consider updating to a version released after 12 March 2022.

Fix

Allocation of Resources Without Limits


Weakness Enumeration

Related Identifiers

BDU:2022-01730
CVE-2022-27534

Affected Products

Kaspersky Anti-Virus
Kaspersky Endpoint Security
Kaspersky Internet Security
Kaspersky Security Cloud
Kaspersky Small Office Security
Kaspersky Total Security