CVE-2018-0437

A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper implementation of file system permissions, which could allow non-administrative users to place files within restricted directories. An attacker could exploit this vulnerability by placing an executable file within the restricted directory, which when executed by the ERC client, would run with Administrator privileges.

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	HIGH
CVSS	7.8
EPSS	12.95% EPSS high
CWE	CWE-264
KEV
Published	7 years ago
Modified	1 year ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco Umbrella Roaming Module for Cisco AnyConnect	cisco-sa-20180905-umbrella-priv	structured affected CSAF product_status
Cisco Umbrella	cisco-sa-20180905-umbrella-priv	structured affected CSAF product_status
Cisco Umbrella Enterprise Roaming Client for Mac	cisco-sa-20180905-umbrella-priv	structured affected CSAF product_status
Cisco Umbrella Enterprise Roaming Client for MacOS	cisco-sa-20180905-umbrella-priv	structured affected CSAF product_status
Cisco Umbrella Enterprise Roaming Client for Windows	cisco-sa-20180905-umbrella-priv	structured affected CSAF product_status