2 matches found
CVE-2020-14418
CVE-2020-14418 refers to a TOCTOU vulnerability in the library/middleware product madCodeHook before 2020-07-16, enabling local attackers to escalate to SYSTEM via path redirection (directory junctions). The issue is a local privilege escalation with an impact on confidentiality, integrity, and a...
CVE-2017-12317
Summary: The Cisco AMP for Endpoints local vulnerability stems from a static key used to encrypt the connector protection password. Root cause: a static key stored in the application. Impact: an authenticated, local attacker with administrative Windows access can access the static key by stopping...