Synopsys Identifies Kaspersky VPN Vulnerability

The Synopsys Cybersecurity Research Center team identified a local privilege escalation vulnerability in Kaspersky VPN Secure Connection for Microsoft Windows.

Jonathan Knudsen is head of global research at Synopsys Cybersecurity Research Center. He said this vulnerability can be exploited to elevate privilege.

“This would typically be a second step in an attack,” he said. “The first step would be an attacker gaining access to a victim’s computer somehow, whether through social engineering or some other technique. If the victim’s computer had a vulnerable version of the Kaspersky VPN on it, the attacker could then use the vulnerability to gain administrative privileges, at which point the attacker would have full control over victim’s computer.”

A fully compromised computer would allow an attacker access to websites, credentials, files and other sensitive information that could be useful by itself or useful in moving laterally inside a corporate network, Knudsen said.

“We haven’t seen any exploitation of this vulnerability,” he said. “Most likely attackers will take note of it as a possible technique for elevation of privilege, after access has been gained to a victim’s computer.”

Kaspersky sent us the following statement:

“The Kaspersky team has closed a vulnerability in the Kaspersky VPN Secure Connection that allowed an authenticated attacker to trigger arbitrary file deletion in the system. It could lead to device malfunction or the removal of important system files required for correct system operation. To execute this attack, an intruder had to create a specific file and convince users to run ‘delete all service data and reports’ or ‘save report on your computer’ product features. To fix the vulnerability, the Kaspersky team recommends users check the app version they are running and install the latest one.”