CVE-2018-15437

Name of the Vulnerable Software and Affected Versions Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints (affected versions not specified)

Description The issue is related to improper process resource handling in the system scanning component. This could allow a local attacker to disable the scanning functionality, enabling executable files to be launched without being analyzed for threats. An attacker could exploit this by gaining local access to a system running Microsoft Windows and executing a malicious file, preventing the scanning services from functioning properly and leaving the system unprotected from further intrusion.

Recommendations For Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints, consider restricting local access to systems to minimize the risk of exploitation until a fix is available. As a temporary workaround, consider disabling the scanning component temporarily until a patch is available to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.