CVE-2019-15685

CVE Database · CVE-2019-15685

CVE-2019-15685

· MEDIUMModified

CVSS v3.1

4.3

EPSS

0.84%

Published

Nov 26, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable such product's security features as private browsing and anti-banner. Bypass.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products (6)

kaspersky · anti-virusvulnerable

kaspersky · internet_securityvulnerable

kaspersky · security_cloudvulnerable

kaspersky · small_office_securityvulnerable

kaspersky · total_securityvulnerable

References (2)

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1

Vendor Advisory

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs