CVE-2022-27535

2022-08-0516:47:46

Kaspersky

www.cve.org

kaspersky

vpn

windows

arbitrary file deletion

local attacker

vulnerability

AI Score

7.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its ‘Delete All Service Data And Reports’ feature by the local authenticated attacker.

CNA Affected

[
  {
    "product": "Kaspersky VPN Secure Connection for Windows",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "prior to 21.6"
      }
    ]
  }
]