CVE-2023-20084

Name of the Vulnerable Software and Affected Versions Cisco Secure Endpoint Connector for Windows (affected versions not specified)

Description The issue is related to a timing problem between various software components, which can be exploited by an authenticated, local attacker to evade endpoint protection within a limited time window. This can be achieved by persuading a user to place a malicious file in a specific folder and then execute the file within a limited time frame. A successful exploitation could allow the attacker to cause the endpoint software to fail to quarantine the malicious file or kill its process. The vulnerability is applicable only to deployments with the Windows Folder Redirection feature enabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.