Arbitrary File Corruption Vulnerability in Kaspersky Virus Removal Tool
CVE-2020-25044

7.1HIGH

Key Information:

Vendor: Kaspersky
Status: Kaspersky Virus Removal Tool
Vendor: CVE Published:; 2 September 2020

What is CVE-2020-25044?

The Kaspersky Virus Removal Tool, specifically versions prior to 15.0.23.0, is vulnerable to an arbitrary file corruption flaw. This vulnerability may allow an attacker to manipulate and eliminate the contents of any file on the affected system, posing significant risks to data integrity and security.

Affected Version(s)

Kaspersky Virus Removal Tool prior to 15.0.23.0

References

https://support.kaspersky.com/general/vulnerability.aspx?...

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 2, 2020
Vulnerability Reserved
Aug 31, 2020