Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-4452 — LAB Kaspersky Anti-virus vulnerability

CWE-2646 documents6 sources

Severity

6.8MEDIUMNVD

EPSS

0.2%

top 63.78%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Kaspersky LAB Kaspersky Anti-virus Kaspersky LAB Kaspersky Anti-virus 2009 Kaspersky LAB Kaspersky Anti-virus 2010 +4 more

Timeline

PublishedDec 29

Latest updateMay 2

Description

Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.1 | Impact: 10.0

Affected Packages7 packages

▶NVDkaspersky_lab/kaspersky_anti-virus_20098.0.0.454

▶NVDkaspersky_lab/kaspersky_anti-virus_20109.0.0.463

▶NVDkaspersky_lab/kaspersky_anti-virus_personal4 versions+3

▶NVDkaspersky_lab/kaspersky_anti-virus5.0.712, 6.0.3.837, 7.0.1.325+2

▶NVDkaspersky_lab/kaspersky_internet_security_20098.0.0.506

🔴Vulnerability Details

GHSA

GHSA-h766-w7jj-3628: Kaspersky Anti-Virus 5↗2022-05-02

▶

CVEList

CVE-2009-4452: Kaspersky Anti-Virus 5↗2009-12-29

▶

💥Exploits & PoCs

Exploit-DB

Kaspersky Lab (Multiple Products) - Local Privilege Escalation↗2009-12-16

▶

📋Vendor Advisories

Red Hat

mysql: regression of CVE-2009-4030↗2012-09-27

▶

💬Community

Bugzilla

CVE-2012-4452 mysql: regression of CVE-2009-4030↗2012-09-26

▶