CVE-2020-28950 - OpenCVE

The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Kaspersky	Anti-ransomware Tool

Configuration 1 [-]

OR	cpe:2.3:a:kaspersky:anti-ransomware_tool::::::::
	cpe:2.3:a:kaspersky:anti-ransomware_tool:4.0:patch_c::::::

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/192653	Third Party Advisory
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#290720	Broken Link

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Kaspersky

Published: 2020-12-04T21:11:56

Updated: 2020-12-04T21:11:56

Reserved: 2020-11-19T00:00:00

Link: CVE-2020-28950

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-12-04T22:15:12.707

Modified: 2020-12-08T17:32:06.360

Link: CVE-2020-28950

JSON object: View

Redhat Information

No data.

CWE

CWE-427

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kaspersky:anti-ransomware_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A86E900-1E3B-4605-9BC3-40A327A05B0E", "versionEndExcluding": "4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kaspersky:anti-ransomware_tool:4.0:patch_c:*:*:*:*:*:*", "matchCriteriaId": "19115E4C-A8FC-4AAF-BFD2-E2305BAC8219", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process."}, {"lang": "es", "value": "El instalador de Kaspersky Anti-Ransomware Tool (KART) anterior a KART versi\u00f3n 4.0 Parche C era vulnerable a un ataque de secuestro de DLL que permit\u00eda a un atacante elevar los privilegios durante el proceso de instalaci\u00f3n"}], "id": "CVE-2020-28950", "lastModified": "2020-12-08T17:32:06.360", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-04T22:15:12.707", "references": [{"source": "nvd@nist.gov", "tags": ["Third Party Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/192653"}, {"source": "vulnerability@kaspersky.com", "tags": ["Broken Link"], "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#290720"}], "sourceIdentifier": "vulnerability@kaspersky.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}]}