Lucene search
K
CiscoAdvanced Malware Protection For Endpoints

12 matches found

CVE
CVE
added 2019/07/06 1:30 a.m.417 views

CVE-2019-1932

The CVE-2019-1932 issue affects Cisco AMP for Endpoints (Windows). The vulnerability arises from insufficient validation of dynamically loaded modules, enabling a local authenticated attacker with administrator privileges to place a file in a specific Windows path and execute code with the AMP se...

7.2CVSS6.7AI score0.00267EPSS
CVE
CVE
added 2020/06/18 2:16 a.m.220 views

CVE-2020-3350

CVE-2020-3350 concerns ClamAV (and is referenced in the Cisco/AMP context in the initial doc). A vulnerability allowed a malicious user to trick clamscan, clamdscan or clamonacc into deleting or moving a different file than intended when using the --move or --remove options. The underlying issue ...

6.3CVSS6.3AI score0.00264EPSS
CVE
CVE
added 2021/04/08 4:5 a.m.111 views

CVE-2021-1386

CVE-2021-1386 describes a DLL hijacking vulnerability in Cisco AMP for Endpoints Windows Connector, ClamAV for Windows, and Immunet. The issue arises from insufficient validation of directory search paths at run time, enabling an authenticated, local attacker to place a malicious DLL and execute ...

7.8CVSS7.3AI score0.0028EPSS
CVE
CVE
added 2018/11/08 5:0 p.m.109 views

CVE-2018-15437

CVE-2018-15437 affects Cisco Immunet and Cisco AMP for Endpoints on Windows. The issue stems from improper resource handling in the system scanning component, enabling a local attacker to disable scanning and allow unanalysed executables to run. The vulnerability is a local Denial of Service to t...

5.5CVSS5.1AI score0.00966EPSS
CVE
CVE
added 2020/05/22 5:15 a.m.76 views

CVE-2020-3314

Cisco AMP for Endpoints Mac Connector Software contains a file-scan denial-of-service vulnerability (CVE-2020-3314) caused by insufficient input validation of file attributes. A crafted file could crash the scan engine, restart the AMP Connector, and cause DoS of the Cisco AMP for Endpoints servi...

6.1CVSS6AI score0.00564EPSS
CVE
CVE
added 2021/01/20 7:56 p.m.75 views

CVE-2021-1280

CVE-2021-1280 describes a DLL hijacking vulnerability in the loading mechanism of specific DLLs used by Cisco AMP for Endpoints (Windows) and Immunet (Windows). An authenticated, local attacker could exploit improper directory search path handling by placing a malicious DLL on the target system, ...

7.8CVSS7.5AI score0.00443EPSS
CVE
CVE
added 2020/05/22 5:15 a.m.67 views

CVE-2020-3343

CVE-2020-3343 affects Cisco AMP for Endpoints Linux Connector Software and Mac Connector Software. The root cause is insufficient input validation that allows a crafted packet to trigger a memory buffer overflow, enabling an authenticated local attacker to crash the Cisco AMP for Endpoints servic...

5.5CVSS5.5AI score0.0032EPSS
CVE
CVE
added 2017/11/16 7:0 a.m.65 views

CVE-2017-12312

The CVE-2017-12312 issue affects the Cisco Immunet antimalware installer, where an untrusted search path (DLL preloading) allows a local attacker with administrative privileges to run arbitrary code by placing a crafted DLL in the current working directory before installation. Root cause: incompl...

7.2CVSS6.8AI score0.00536EPSS
CVE
CVE
added 2018/08/01 8:0 p.m.64 views

CVE-2018-0397

Cisco AMP for Endpoints Mac Connector on macOS 10.12 is affected by CVE-2018-0397. The flaw allows an unauthenticated remote attacker to trigger a kernel panic and DoS if the software is running in Block network conviction mode. Exploitation could occur when a server process is started and an IP ...

7.1CVSS5.3AI score0.01482EPSS
CVE
CVE
added 2020/05/22 5:15 a.m.57 views

CVE-2020-3344

Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software contain a memory buffer vulnerability caused by insufficient input validation. An authenticated, local attacker can send a crafted packet to overflow a buffer, potentially crashing and restarting t...

5.5CVSS5.5AI score0.0032EPSS
CVE
CVE
added 2018/11/13 2:0 p.m.53 views

CVE-2018-15452

Cisco AMP for Endpoints on Windows is affected by CVE-2018-15452 in the DLL loading component (DLL preloading). A local, authenticated attacker with administrative credentials can exploit improper validation of resources loaded by a system process by placing a crafted DLL in a specific location, ...

6.7CVSS5.7AI score0.00334EPSS
CVE
CVE
added 2018/04/19 8:0 p.m.48 views

CVE-2018-0237

CVE-2018-0237 affects Cisco AMP for Endpoints macOS Connector. The vulnerability stems from a file type detection mechanism that relies solely on the DMG file extension to classify files. An unauthenticated, remote attacker could exploit this by sending a DMG with a nonstandard extension, potenti...

5.8CVSS5.5AI score0.01221EPSS