SSL Certificate Verification Failure in Kaspersky Internet Security for Android
CVE-2014-5654

Currently unrated

Key Information:

Vendor

Kaspersky
Status
Kaspersky Internet Security
Vendor
CVE Published:
9 September 2014

What is CVE-2014-5654?

The Kaspersky Internet Security application for Android lacks proper verification of X.509 certificates from SSL servers. This vulnerability creates an opportunity for man-in-the-middle attackers to present fraudulent SSL certificates, potentially allowing them to intercept and manipulate sensitive communications. Users of this application must remain vigilant, as successful exploitation could lead to the unauthorized disclosure of personal data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/218177
third-party-advisoryx_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/582497
third-party-advisoryx_refsource_CERT-VN
https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJ...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.