CVE-2021-27223: 
Kaspersky Endpoint Security for Windows vulnerability analysis and mitigation

A denial-of-service issue (CVE-2021-27223) was identified in a module incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. The vulnerability was discovered in June 2021 and affected multiple Kaspersky products including Kaspersky Anti-Virus, Internet Security, Total Security, Small Office Security, Security Cloud, and Endpoint Security (Kaspersky Advisory).

The vulnerability allowed a local user with standard privileges to cause a Windows system crash by executing a specially crafted binary module. The issue has a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local access required, low attack complexity, low privileges required, no user interaction needed, and high impact on availability (NVD).

When successfully exploited, the vulnerability could lead to a denial-of-service condition by causing the Windows system to crash, potentially disrupting normal system operations and requiring a restart (Kaspersky Advisory).

The fix was delivered automatically through antivirus database updates released in June 2021. Users can verify the fix installation by checking that their antivirus databases are up to date. Kaspersky products support automatic updates to streamline the update process (Kaspersky Advisory).