Severity
Medium
Analysis Summary
CVE-2020-35929
Kaspersky TinyCheck could allow a remote attacker to obtain sensitive information, caused by the use of hard-coded credentials to the backend part of the tool. By sending a specially-crafted request, an attacker could exploit this vulnerability to access to remote data, and use this information to launch further attacks against the affected system.
Impact
Information disclosure
Affected Vendors
Kaspersky
Affected Products
Kaspersky TinyCheck
Remediation
Refer to TinyCheck GIT Repository for patch, upgrade or suggested workaround information.