CVE-2020-27020

Summary

Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).

Affected Software

VendorProductVersion RangeStatus
n/aKaspersky Password Manager for Windows, Kaspersky Password Manager for Android, Kaspersky Password Manager for iOSKPM for Windows prior to 9.2 Patch F, KPM for Android prior to 9.2.14.872, KPM for iOS prior to 9.2.14.31affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References