Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Advanced Malware Protection
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-14418 3 Cisco, Madshi, Morphisec 3 Advanced Malware Protection, Madcodehook, Unified Threat Prevention Platform 2024-02-28 6.9 MEDIUM 7.0 HIGH
A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions.
CVE-2017-12317 1 Cisco 1 Advanced Malware Protection 2024-02-28 4.6 MEDIUM 6.7 MEDIUM
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service. Cisco Bug IDs: CSCvg42904.