Security officials have identified several vulnerabilities in Kaspersky’s Anti Targeted Attack Platform that could allow attackers to perform remote indirect code injection (XSS). The weaknesses affect all versions of the platform older than 7.1.7 and could enable malicious scripts to run on affected systems. Kaspersky has issued a security bulletin (12430#260526) detailing the flaws and providing patches. Users are advised to update to the latest version or apply the fixes referenced in the bulletin. The vulnerabilities are tracked under CVE‑2026‑28348 and CVE‑2026‑28350. Affected organizations should review the documentation and install the recommended updates promptly to mitigate the risk. The advisory also advises monitoring for unusual activity that could indicate exploitation.
Summary of content from
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.