PT-2021-1838 · Cisco · Cisco Immunet+1
Hou Jingyi
+2
·
Published
2021-01-20
·
Updated
2021-02-07
·
CVE-2021-1280
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco Advanced Malware Protection (AMP) for Endpoints for Windows (affected versions not specified)
Cisco Immunet for Windows (affected versions not specified)
Description
A vulnerability in the loading mechanism of specific DLLs could allow an authenticated, local attacker to perform a DLL hijacking attack. The attacker would need valid credentials on the Windows system to exploit this vulnerability, which is due to incorrect handling of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on the targeted system, allowing the execution of arbitrary code on the targeted system with SYSTEM privileges.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Advanced Malware Protection (Amp) For Endpoints
Cisco Immunet