Kaspersky Multiple Products 'Bases' Directory Insecure Permissions

This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.

Synopsis :

An antivirus product installed on the remote Windows host has a local
privilege escalation vulnerability.

Description :

The version of either Kaspersky Anti-Virus or Kaspersky Internet
Security installed on the remote host has a local privilege escalation

The Everyone group has Full Control rights to the 'Bases' directory.
This directory contains antivirus bases, configuration files, and
executable modules used by multiple Kaspersky products.

A local attacker could exploit this to execute arbitrary code with
SYSTEM privileges.
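
Added example (not part of the Nessus plugin or any Kaspersky code): a PowerShell audit for the condition described above, an Allow entry that gives the Everyone group Full Control on a directory. The path is a required parameter because this page does not state where 'Bases' is installed; the script name and parameter name are assumptions.

```powershell
# Check-EveryoneFullControl.ps1 (hypothetical script name)
# Reports Allow ACEs that grant Everyone Full Control on a directory.
param(
    [Parameter(Mandatory = $true)]
    [string]$Path   # placeholder: supply the product's 'Bases' directory on your host
)

# Well-known SID of the Everyone group; matching on the SID avoids
# localized group names ("Jeder", "Tout le monde", ...).
$everyoneSid = 'S-1-1-0'

$fullControl = [System.Security.AccessControl.FileSystemRights]::FullControl
# Inherit-only ACEs can carry the generic right GENERIC_ALL instead of the
# expanded file rights; Get-Acl exposes that as the raw value 0x10000000.
$genericAll = 0x10000000

$acl = Get-Acl -LiteralPath $Path
# Explicit and inherited rules, with identities returned as SIDs.
$rules = $acl.GetAccessRules($true, $true,
    [System.Security.Principal.SecurityIdentifier])

$findings = foreach ($rule in $rules) {
    if ($rule.IdentityReference.Value -ne $everyoneSid) { continue }
    if ($rule.AccessControlType -ne
        [System.Security.AccessControl.AccessControlType]::Allow) { continue }

    $raw = [int]$rule.FileSystemRights
    $isFull    = ($raw -band [int]$fullControl) -eq [int]$fullControl
    $isGeneric = ($raw -band $genericAll) -ne 0
    if (-not ($isFull -or $isGeneric)) { continue }

    [pscustomobject]@{
        Path        = $Path
        Rights      = $rule.FileSystemRights
        Inherited   = $rule.IsInherited
        Inheritance = $rule.InheritanceFlags
        Propagation = $rule.PropagationFlags
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
    Write-Warning "Everyone has Full Control on '$Path'."
    exit 1
}
Write-Output "No Everyone/Full Control entry found on '$Path'."
```

A non-zero exit code marks a finding, so the check can be run from a scheduled compliance job.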

Solution :

Upgrade to one of the following versions :

- Kaspersky Anti-Virus 2010 (
- Kaspersky Internet Security 2010 (
- Kaspersky Anti-Virus 6.0 for Windows Workstations
- Kaspersky Anti-Virus 6.0 for Windows File Servers

Risk factor :

High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.0
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 43814

Bugtraq ID: 37354

CVE ID: CVE-2009-4452
