CVE-2020-3314

Name of the Vulnerable Software and Affected Versions Cisco AMP for Endpoints (affected versions not specified)

Description The issue is related to insufficient input validation of specific file attributes in the file scan process of Cisco AMP for Endpoints Mac Connector Software. This could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service. An attacker could exploit this by providing a crafted file to a user of an affected system, potentially causing the service to crash and resulting in missed detection and logging of potentially malicious files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.