cisco-sa-20190703-amp-commandinj

Cisco Advanced Malware Protection for Endpoints Windows Command Injection Vulnerability

cisco-sa-20190703-amp-commandinj · Medium · Published 6 years ago · Updated 6 years ago

A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. The vulnerability is due to insufficient validation of dynamically loaded modules. An attacker could exploit this vulnerability by placing a file in a specific location in the Windows filesystem. A successful exploit could allow the attacker to execute the code with the privileges of the AMP service. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-amp-commandinj

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEs	CVE-2019-1932
Cisco Bug IDs	CSCvp53361
CVSS Score	Base 6.7 Base 6.7 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Product Names From Source	Cisco AMP for Endpoints, Cisco Secure Endpoint

Related Products

Product	CVE	Evidence
Cisco Secure Endpoint	CVE-2019-1932	Cisco OpenVuln
Cisco AMP for Endpoints	CVE-2019-1932	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco Advanced Malware Protection for Endpoints Windows Command Injection Vulnerability

Workarounds

Related Products