CyRC Vulnerability Advisory: Local privilege escalation in Kaspersky VPN

CVE-2022-27535 is a local privilege escalation vulnerability in Kaspersky VPN Secure Connection for Microsoft Windows.

Overview

The Synopsys Cybersecurity Research Center (CyRC) team has identified a local privilege escalation vulnerability in Kaspersky VPN Secure Connection for Microsoft Windows.

In the Support Tools section of the application, a regular (non-administrative) user can invoke "Delete service data and reports", and the deletion removes a folder that only a privileged account should be able to delete.

This arbitrary folder deletion primitive can be chained into a SYSTEM elevation of privilege (the "Arbitrary Folder Delete to SYSTEM EoP" technique), giving a local attacker SYSTEM privileges.
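The defect class above is a privileged component deleting a folder chosen by a low-privileged caller without first confirming that the folder is one it is allowed to remove. The helper below is an added illustration of the checks such a "delete service data" routine should apply before it deletes anything; it is not Kaspersky's code, and the directory names (`ServiceData`, `Privileged`) are constructed for the demonstration. It refuses absolute paths, `..` traversal, symlinks or junctions anywhere in the requested path, and any target that does not resolve to a strict subdirectory of the component's own data root.

```python
"""Hardened 'delete service data' helper (added illustration, not Kaspersky code).

A component running as SYSTEM must only delete folders it owns. These checks
reject the ways a low-privileged caller could redirect the deletion elsewhere.
"""
import shutil
import tempfile
from pathlib import Path


class UnsafeDeleteRequest(ValueError):
    """Raised when a requested path fails one of the safety checks."""


def _is_link(p: Path) -> bool:
    # Symlinks on every platform; NTFS junctions where Python exposes them (3.12+).
    return p.is_symlink() or (hasattr(p, "is_junction") and p.is_junction())


def safe_delete_tree(allowed_root: Path, relative_name: str, dry_run: bool = False) -> Path:
    """Delete allowed_root/relative_name only if it is a real subdirectory of the root."""
    if _is_link(allowed_root):
        raise UnsafeDeleteRequest("data root itself is a link")
    root = allowed_root.resolve(strict=True)
    rel = Path(relative_name)
    if rel.is_absolute() or ".." in rel.parts:
        raise UnsafeDeleteRequest(f"refusing non-relative or traversing name: {relative_name!r}")
    # Walk component by component so a link anywhere in the chain is caught
    # before anything follows it.
    current = root
    for part in rel.parts:
        current = current / part
        if _is_link(current):
            raise UnsafeDeleteRequest(f"link in requested path: {current}")
    if not current.is_dir():
        raise UnsafeDeleteRequest(f"not a directory: {current}")
    # The resolved target must still be strictly inside the root (never the root itself).
    resolved = current.resolve(strict=True)
    if resolved == root or root not in resolved.parents:
        raise UnsafeDeleteRequest(f"target escapes data root: {resolved}")
    if not dry_run:
        shutil.rmtree(current)
    return current


def demo() -> dict:
    """Build a constructed layout in a temp dir and exercise the checks."""
    base = Path(tempfile.mkdtemp())
    root = base / "ServiceData"            # constructed: the component's own data root
    (root / "reports").mkdir(parents=True)
    (root / "reports" / "log.txt").write_text("report")
    privileged = base / "Privileged"       # constructed: a folder the caller must not reach
    privileged.mkdir()
    (privileged / "keep.txt").write_text("keep")
    # Creating symlinks needs extra rights on Windows; on POSIX this just works.
    (root / "link").symlink_to(privileged, target_is_directory=True)

    results = {"deleted": safe_delete_tree(root, "reports").name,
               "reports_gone": not (root / "reports").exists(),
               "rejected": {}}
    attempts = {"traversal": "../Privileged", "link": "link",
                "absolute": str(privileged), "root": ""}
    for label, name in attempts.items():
        try:
            safe_delete_tree(root, name)
            results["rejected"][label] = False
        except UnsafeDeleteRequest:
            results["rejected"][label] = True
    results["privileged_intact"] = (privileged / "keep.txt").exists()
    shutil.rmtree(base)
    return results


if __name__ == "__main__":
    print(demo())
```

The component-by-component link check matters more than the final `resolve()` check: resolving first and then deleting the original path would follow a link planted after the check, so the code inspects each component with link-aware calls and only then deletes.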

Publication of CVE-2022-27535 is expected soon from Kaspersky.

Affected software

Kaspersky VPN Secure Connection 21.3.10.391 (h)

Impact

CVSS 3.1 base score: 7.8 (high)

CVSS 3.1 vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Remediation

Upgrade to version 21.6 or later.

Discovery credit

Zeeshan Shaikh (@bugzzzhunter) is a researcher at the Synopsys Cybersecurity Research Center.

Timeline

  • March 9, 2022: Initial disclosure
  • March 28, 2022: Kaspersky confirms vulnerability
  • May 31, 2022: Kaspersky confirms fix has been released
  • July 29, 2022: Fix validated by Zeeshan Shaikh
  • August 4, 2022: Advisory published by Synopsys

About CVSS

FIRST.Org, Inc (FIRST) is a non-profit organization based in the US that owns and manages CVSS. Membership in FIRST is not required to use or implement CVSS, but FIRST does require any individual or organization to give appropriate attribution when using CVSS. FIRST also states that any individual or organization that publishes scores should follow the guidelines so that anyone can understand how the score was calculated.

Posted by Zeeshan Shaikh

Zeeshan Shaikh is a security consultant at Synopsys. He is curious by nature and likes to break software and learn new things. He also performs security research and has identified many vulnerabilities, which he has responsibly reported to vendors such as Google and VMware.
