CVE-2017-12312 — Improper Input Validation in Cisco Advanced Malware Protection FOR Endpoints

CWE-20 — Improper Input Validation CWE-426 — Untrusted Search Path4 documents4 sources

Severity

6.7MEDIUMNVD

EPSS

0.1%

top 80.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Advanced Malware Protection FOR Endpoints

Timeline

PublishedNov 16

Latest updateMay 13

Description

An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafted DLL has been placed by an attacker. The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerab…

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages1 packages

▶NVDcisco/advanced_malware_protection3.1.0

🔴Vulnerability Details

GHSA

GHSA-rpc8-p8rc-75gr: An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to↗2022-05-13

▶

CVEList

CVE-2017-12312: An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to↗2017-11-16

▶

📋Vendor Advisories

Cisco

Cisco Immunet Antimalware Installer DLL Preloading Vulnerability↗2017-11-15

▶