CVE-2024-13614

{"id": "CVE-2024-13614", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "vulnerability@kaspersky.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.2, "exploitabilityScore": 1.0}]}, "published": "2025-02-06T17:15:18.080", "references": [{"url": "https://support.kaspersky.com/vulnerability/list-of-advisories/12430#060225", "source": "vulnerability@kaspersky.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "vulnerability@kaspersky.com", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, Kaspersky Anti-Ransomware Tool that could allow an authenticated attacker to write data to a limited area outside the allocated kernel memory buffer. The fix was installed automatically for all Kaspersky Endpoint products."}, {"lang": "es", "value": "Kaspersky ha corregido un problema de seguridad en Kaspersky Anti-Virus SDK para Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security para Windows, Kaspersky Small Office Security, Kaspersky para Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids y Kaspersky Anti-Ransomware Tool que pod\u00eda permitir que un atacante autenticado escribiera datos en un \u00e1rea limitada fuera del b\u00fafer de memoria del n\u00facleo asignado. La correcci\u00f3n se instal\u00f3 autom\u00e1ticamente para todos los productos Kaspersky Endpoint."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "vulnerability@kaspersky.com"}