Kaspersky Secure VPN vulnerability could have given hackers the keys to the kingdom

By Scott Marlette Last updated Aug 10, 2022

Kaspersky has patched a major flaw in one of its VPN (opens in new tab) products which, had a malicious actor discovered it sooner, could have been abused to give them elevated privileges in a third-party environment.

The company confirmed these findings in a security advisory in which it also urged its users to patch (opens in new tab) their systems immediately. In early March this year, a researcher from the Synopsys Cybersecurity Research Center (CyRC), Zeeshan Shaikh, found an escalation of privilege flaw in Kaspersky’s VPN Secure Connection for Windows. This flaw would allow users to change their account status from “regular” to admin, essentially. In Windows, the account is called SYSTEM, it was explained.

“In the Support Tools part of the application, a regular user can use ‘delete service data and reports’ to remove a privileged folder,” CyRC explains. “And with that capability, an attacker can gain elevated privileges.”

High-risk

The flaw is now tracked as CVE-2022-27535, and carries a severity score of 7.8. That puts it in the “high-risk” category, but not quite “critical”. According to Kaspersky, there is no evidence of the flaw being exploited in the wild, so it’ good news that noone seems to have gotten hurt. Still, users are advised to apply the fix and bring their VPNs up to version 21.6 or later.

Cybercriminals often prey on unpatched devices, as unattended known vulnerabilities are often considered low-hanging fruit.

According to CyRC, Kaspersky took almost a month to confirm Shaikh’s findings, and said it released a fix in late May. Shaikh was able to validate the fix in late July.

Although no harm was done, the irony of the situation is that software such as the Kaspersky VPN Secure Connection for Windows is built to protect people from breaches, not be the root cause of one. VPN software is built to mask a device’s internet protocol address, encrypt data and route it through secure networks to servers often located abroad.

Get your employees connected safely online with the best business VPNs (opens in new tab) around

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.