CVE-2020-25043

CVE Database · CVE-2020-25043

CVE-2020-25043

· HIGHModified

CVSS v3.1

7.1

EPSS

0.31%

Published

Sep 2, 2020

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The installer of Kaspersky VPN Secure Connection prior to 5.0 was vulnerable to arbitrary file deletion that could allow an attacker to delete any file in the system.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Affected Products (1)

kaspersky · vpn_secure_connection (up to 5.0)vulnerable

References (2)

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#290720

Broken Link

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#290720

Broken Link

KEV Catalog EPSS Scores Vendors All CVEs