Cisco Amp For Endpoints vulnerabilities

CVE-2022-20771 [HIGH] CWE-399 CVE-2022-20771: On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and e On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denia

CVE-2022-20785 [HIGH] CWE-401 CVE-2022-20785: On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and e On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of

CVE-2022-20770 [HIGH] CWE-399 CVE-2022-20770: On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and e On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of

CVE-2022-20796 [MEDIUM] CWE-822 CVE-2022-20796: On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earl On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a desc

CVE-2021-1386 [HIGH] CWE-427 CVE-2021-1386: A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protec A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credenti

CVE-2021-1280 [HIGH] CWE-427 CVE-2021-1280: A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection (AMP) A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection (AMP) for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need valid credentials on the Windows system. This vulnerability is due to

CVE-2020-3350 [MEDIUM] CWE-362 CVE-2020-3350: A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow a A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vu

CVE-2020-3344 [MEDIUM] CWE-119 CVE-2020-3344: A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an af

CVE-2020-3343 [MEDIUM] CWE-119 CVE-2020-3343: A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an af

CVE-2020-3314 [MEDIUM] CWE-20 CVE-2020-3314: A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cau A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service. The vulnerability is due to insufficient input validation of specific

CVE-2019-1932 [MEDIUM] CWE-345 CVE-2019-1932: A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. The vulnerability is due to insufficient validation of dynamically loaded modules. An attacker could exploit this vulnerability by placing a file in a specific locatio

CVE-2018-15452 [MEDIUM] CWE-427 CVE-2018-15452: A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoint A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the attacker would need to have administrative credenti

CVE-2018-15437 [MEDIUM] CWE-400 CVE-2018-15437: A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protect A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerabilit