#VU83232 Input validation error in Secure Endpoint for Windows and Secure Endpoint Private Cloud - CVE-2023-20084
Vulnerability identifier: #VU83232
Vulnerability risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Secure Endpoint for Windows
Client/Desktop applications /
Antivirus software/Personal firewalls
Secure Endpoint Private Cloud
Client/Desktop applications /
Antivirus software/Personal firewalls
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a timing issue that occurs between various software components. A remote user can trick a victim to put a specially crafted file into a specific folder and then persuade the user to execute the file within a limited time window, leading to the endpoint software to fail to quarantine the malicious file or kill its process.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Secure Endpoint for Windows: before 7.5.17
Secure Endpoint Private Cloud: before 4.1
External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-endpoint-dos-RzOgFKnd
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
