PT-2020-2976 · Cisco+4 · Clam Antivirus+5

Published

2020-06-17

·

Updated

2026-02-06

·

CVE-2020-3350

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Cisco AMP for Endpoints (affected versions not specified) Clam AntiVirus (affected versions not specified)
Description A vulnerability in the endpoint software could allow an authenticated, local attacker to delete arbitrary files on the system due to a race condition when scanning malicious files. An attacker with local shell access could exploit this by executing a script that triggers the race condition, potentially causing system instability or stopping the endpoint software from working.
Recommendations For Cisco AMP for Endpoints, consider restricting access to the endpoint software to minimize the risk of exploitation until a patch is available. For Clam AntiVirus, as a temporary workaround, consider disabling the scanning of malicious files until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALT-PU-2020-2461
ALT-PU-2020-2469
BDU:2020-03143
CLEANSTART-2026-LA13761
CLEANSTART-2026-NJ87139
CLEANSTART-2026-TC95380
CLEANSTART-2026-WX01708
CVE-2020-3350
DLA-2314-1
MGASA-2020-0322
OPENSUSE-SU-2020:2268-1
OPENSUSE-SU-2020:2276-1
OPENSUSE-SU-2020_2268-1
OPENSUSE-SU-2020_2276-1
OPENSUSE-SU-2024:10685-1
SUSE-SU-2020:3729-1
SUSE-SU-2020:3790-1
SUSE-SU-2020:3918-1
SUSE-SU-2021:14592-1
USN-4435-1
USN-4435-2

Affected Products

Alt Linux
Cisco Amp For Endpoints
Clam Antivirus
Linuxmint
Suse
Ubuntu