CVE-2022-27535

Summary

Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its 'Delete All Service Data And Reports' feature by the local authenticated attacker.

Affected Software

VendorProductVersion RangeStatus
n/aKaspersky VPN Secure Connection for Windowsprior to 21.6affected

Weaknesses

  • Local Privilege Escalation (LPE)

ADP Enrichment

CVE Program Container

Additional References

References