CVE-2022-27535

Name of the Vulnerable Software and Affected Versions Kaspersky VPN Secure Connection for Windows version up to 21.5

Description The issue is related to the possibility of arbitrary file deletion in the system via abuse of the 'Delete All Service Data And Reports' feature by a local authenticated attacker. This can potentially allow an attacker to elevate their privileges by creating a specially crafted symbolic link to a critical folder in the system and deleting it using the mentioned feature. The vulnerability threatens remote and work-from-home users.

Recommendations For Kaspersky VPN Secure Connection for Windows version up to 21.5, consider disabling the 'Delete All Service Data And Reports' feature until a patch is available to prevent exploitation. Restrict access to the 'Инструменты поддержки' (Support Tools) part of the application to minimize the risk of privilege escalation. Avoid using the feature that allows deletion of service data and reports until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.