CVE-2021-26718Incorrect Authorization in Internet Security

CWE-863Incorrect Authorization3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 84.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Kaspersky Internet Security
Timeline
PublishedApr 1
Latest updateMay 24

Description

KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-cr93-c4mw-5cqx: KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection2022-05-24
CVEList
CVE-2021-26718: KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker to disable anti-virus protection2021-04-01
CVE-2021-26718 — Incorrect Authorization in Kaspersky | cvebase