Multiple vulnerabilities in Cisco NX-OS
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 20 |
| CVE-ID | CVE-2018-0291 CVE-2018-0293 CVE-2018-0292 CVE-2018-0313 CVE-2018-0306 CVE-2018-0330 CVE-2018-0337 CVE-2018-0295 CVE-2018-0301 CVE-2018-0308 CVE-2018-0303 CVE-2018-0304 CVE-2018-0314 CVE-2018-0312 CVE-2018-0331 CVE-2018-0311 CVE-2018-0310 CVE-2018-0305 CVE-2018-0294 CVE-2018-0307 |
| CWE-ID | CWE-20 CWE-264 CWE-120 CWE-77 CWE-119 CWE-126 CWE-476 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Cisco NX-OS Operating systems & Components / Operating system |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 20 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU13425
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-0291
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The vulnerability exists in the Simple Network Management Protocol (SNMP) input packet processor due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. A remote attacker can send a specially crafted SNMP packet and cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service condition.
MitigationInstall update from vendor's website.
Vulnerable software versionsCisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Privilege escalation
EUVDB-ID: #VU13426
Risk: Low
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0293
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.
The vulnerability exists in role-based access control (RBAC)due to incorrect RBAC privilege assignment for certain CLI commands. A remote attacker can authenticate to a device as a nonadministrative user, executing specific commands from the CLI, gain elevated privileges and run arbitrary commands to modify the configuration or boot image on the device.
MitigationInstall update from vendor's website.
Vulnerable software versionsCisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosrbac
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU13430
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-0292
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists in the Internet Group Management Protocol (IGMP) Snooping feature due to boundary error when handling malicious input. An adjacent attacker can send a specially crafted IGMP packets, trigger memory corruption and cause the service to crash or execute arbitrary code and gain full control of the affected system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsCisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosigmp
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Command injection
EUVDB-ID: #VU13431
Risk: Low
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0313
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary commands on the target system.
The vulnerability exists in the NX-API feature of Cisco NX-OS Software due to incorrect input validation of user-supplied data to the NX-API subsystem. A remote attacker can send a malicious HTTP or HTTPS packet to the management interface of an affected system that has the NX-API feature enabled, inject and execute arbitrary commands with root privileges.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Command injection
EUVDB-ID: #VU13432
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0306
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary commands on the target system.
The vulnerability exists in the CLI parser of Cisco NX-OS Software due to insufficient input validation of command arguments. A local attacker can inject malicious command arguments into a vulnerable CLI command and execute arbitrary commands with root privileges.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Command injection
EUVDB-ID: #VU13434
Risk: Low
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0330
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary commands on the target system.
The vulnerability exists in the NX-API management application programming interface (API) due to a failure to properly validate certain parameters included within an NX-API request. A remote attacker can authenticate to the NX-API, submit a specially crafted request designed to bypass NX-OS role assignment and execute arbitrary commands with elevated privileges.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-nxapi
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Command injection
EUVDB-ID: #VU13435
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0337
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary commands on the target system.
The vulnerability exists in the role-based access-checking mechanisms of Cisco NX-OS Software due to improper input and validation checks for certain file systems. A local attacker can issue specially crafted commands in the CLI and execute unwanted, arbitrary commands.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper input validation
EUVDB-ID: #VU13436
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-0295
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software due to incomplete input validation of the BGP update messages. A remote attacker can send a specially crafted BGP update message and cause the switch to reload unexpectedly.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosbgp
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Buffer overflow
EUVDB-ID: #VU13437
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-0301
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the NX-API feature of Cisco NX-OS Software due to boundary error when incorrect input validation in the authentication module of the NX-API subsystem. A remote unauthenticated attacker can send a specially crafted HTTP or HTTPS packet to the management interface of an affected system with the NX-API feature enabled, trigger memory corruption and execute arbitrary code with root privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsCisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-bo
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Buffer overflow
EUVDB-ID: #VU13439
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-0308
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists in the Cisco Fabric Services component due to buffer overflow when insufficient validation of header values in Cisco Fabric Services packets. A remote unauthenticated attacker can send a specially crafted Cisco Fabric Services packet, trigger memory corruption and cause the service to crash or execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsCisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Buffer overflow
EUVDB-ID: #VU13440
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-0303
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to execute arbitrary code on the target system.
The vulnerability exists in the Cisco Discovery Protocol component due to buffer overflow when insufficient validation of Cisco Discovery Protocol packet headers. An adjacent attacker can send a specially crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device, trigger memory corruption and cause the service to crash or execute arbitrary code with root privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Memory corruption
EUVDB-ID: #VU13441
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-0304
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to buffer overflow or buffer over-read condition in the Cisco Fabric Services component when insufficient validation of Cisco Fabric Services packet headers. A remote unauthenticated attacker can send a specially crafted Cisco Fabric Services packet, trigger memory corruption and read sensitive memory content, cause the service to crash or execute arbitrary code with root privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-ace
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Buffer overflow
EUVDB-ID: #VU13442
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-0314
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the Cisco Fabric Services (CFS) component due to buffer overflow when insufficient validation of Cisco Fabric Services packet headers when the software processes packet data. A remote unauthenticated attacker can send a maliciously crafted Cisco Fabric Services packet, trigger memory corruption and execute arbitrary code on the device.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Buffer overflow
EUVDB-ID: #VU13443
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-0312
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists due to boundary error when insufficient validation of Cisco Fabric Services packet headers when the software processes packet data. A remote unauthenticated attacker can send a maliciously crafted Cisco Fabric Services packet, trigger buffer overflow condition and cause the service to crash or execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper input validation
EUVDB-ID: #VU13444
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0331
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The vulnerability exists in the Cisco Discovery Protocol (formerly known as CDP) subsystem due to improper validation of certain fields within a Cisco Discovery Protocol message prior to processing it. An adjacent attacker can submit a Cisco Discovery Protocol message and cause the service to crash.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Buffer overflow
EUVDB-ID: #VU13445
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-0311
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability in the Cisco Fabric Services component exists due to buffer overflow insufficient validation of Cisco Fabric Services packets when the software processes packet data. A remote attacker can send a maliciously crafted Cisco Fabric Services packet, trigger memory corruption and cause the service to crash.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Buffer over-read
EUVDB-ID: #VU13446
Risk: Medium
CVSSv4.0: 6.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-0310
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition on the target system.
The vulnerability exists in the Cisco Fabric Services component due to buffer over-read when insufficient validation of header values in Cisco Fabric Services packets. A remote unauthenticated attacker can send a specially crafted Cisco Fabric Services packet, trigger memory corruption and obtain sensitive information from memory or cause the service to crash.
MitigationInstall update from vendor's website.
Vulnerable software versionsCisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Null pointer dereference
EUVDB-ID: #VU13447
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-0305
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the Cisco Fabric Services component due to insufficient validation of Cisco Fabric Services packets. A remote attacker can send a specially crafted Cisco Fabric Services packet, trigger a NULL pointer dereference and cause the service to crash.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Security restrictions bypass
EUVDB-ID: #VU13448
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0294
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to configure an unauthorized administrator account for an affected device.
The vulnerability exists in the write-erase feature due to improper deletion of sensitive files when certain CLI commands are used to clear the device configuration and reload a device. A local attacker can log into an affected device as an administrative user and configure an unauthorized account for the device.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linkshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Command injection
EUVDB-ID: #VU13433
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-0307
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary commands on the target system.
The vulnerability exists in the CLI of Cisco NX-OS Software due to insufficient input validation of command arguments. A local attacker can inject malicious command arguments into a vulnerable CLI command and execute arbitrary commands with root privileges.
MitigationInstall update from vendor's website.
Cisco NX-OS: All versions
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
