Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2024-20338
HistoryMar 06, 2024 - 5:15 p.m.

Code injection

2024-03-0617:15:00
PRIOn knowledge base
www.prio-n.com
6
cisco secure client
linux
code injection
privilege elevation
ise posture
system scan
vulnerability
local attacker
root privileges

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device.

This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges.

Related

cve 1
nvd 1
cvelist 1
cisco 1
nessus 1
thn 1
cve
cve
CVE-2024-20338
2024-03-06 17:15:09
nvd
nvd
CVE-2024-20338
2024-03-06 17:15:09
cvelist
cvelist
CVE-2024-20338
2024-03-06 16:29:33
cisco
cisco
Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation Vulnerability
2024-03-06 16:00:00
nessus
nessus
Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation (cisco-sa-secure-privesc-sYxQO6ds)
2024-03-08 00:00:00
thn
thn
Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
2024-03-08 08:09:00

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for PRION:CVE-2024-20338
cve1nvd1cvelist1cisco1nessus1thn1