CVE-2020-25045

Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system.

Published: Sep 2, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-25045
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-427

Affected Software
References

Software	From	Fixed in
kaspersky / security_center_web_console	-	12
kaspersky / security_center	-	12

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#290720

Vulnerability Database

290,020

CVE-2020-25045