CVE-2020-3350
Severity
6.3 MEDIUM
EPSS
0.1%
top 67.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jun 18
Latest update: May 24
Description
A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Exploitability: 1.8 | Impact: 3.6
Affected Packages: 5 packages
Also affects: Debian Linux 9.0, Fedora 31, 32, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 20.04
Vulnerability Details (5)
GHSA
GHSA-86pg-j5jw-f37r: A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the runni (2022-05-24)
OSV
CVE-2020-3350: A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the runni (2020-06-18)
Vendor Advisories (4)
Community (4)
Bugzilla
CVE-2020-3350 clamav: malicious user exploit to replace scan target's directory with symlink (2020-07-17)
Bugzilla
CVE-2020-3350 clamav: malicious user exploit to replace scan target's directory with symlink [epel-all] (2020-07-17)
Bugzilla
CVE-2020-3350 clamav: malicious user exploit to replace scan target's directory with symlink [fedora-all] (2020-07-17)