Total vulnerabilities in the database
Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products
| Software | From | Fixed in |
|---|---|---|
| kaspersky / total_security | 2020 | 2020.x |
| kaspersky / secure_connection | 3.0 | 3.0.x |
| kaspersky / secure_connection | 4.0 | 4.0.x |
| kaspersky / total_security | 2019 | 2019.x |
| kaspersky / total_security | 2019-patch_f | 2019-patch_f.x |
| kaspersky / total_security | 2019-patch_i | 2019-patch_i.x |
| kaspersky / total_security | 2019-patch_j | 2019-patch_j.x |
| kaspersky / security_cloud | 2020 | 2020.x |
| kaspersky / security_cloud | 2019 | 2019.x |
| kaspersky / security_cloud | 2019-patch_i | 2019-patch_i.x |
| kaspersky / security_cloud | 2019-patch_j | 2019-patch_j.x |
| kaspersky / kaspersky_internet_security | 2019 | 2019.x |
| kaspersky / kaspersky_internet_security | 2019-patch_i | 2019-patch_i.x |
| kaspersky / kaspersky_internet_security | 2019-patch_f | 2019-patch_f.x |
| kaspersky / kaspersky_internet_security | 2019-patch_j | 2019-patch_j.x |