A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could exploit this vulnerability by persuading a user to put a malicious file into a specific folder and then persuading the user to execute the file within a limited time window. A successful exploit could allow the attacker to cause the endpoint software to fail to quarantine the malicious file or kill its process. Note: This vulnerability only applies to deployments that have the Windows Folder Redirection feature enabled.
Weakness
A product acts as an intermediary or monitor between two or more endpoints, but it does not have a complete model of an endpoint’s features, behaviors, or state, potentially causing the product to perform incorrect actions based on this incomplete model.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Secure_endpoint | Cisco | - (including) | - (including) |
| Secure_endpoint | Cisco | 6.0.7 (including) | 6.0.7 (including) |
| Secure_endpoint | Cisco | 6.0.9 (including) | 6.0.9 (including) |
| Secure_endpoint | Cisco | 6.1.5 (including) | 6.1.5 (including) |
| Secure_endpoint | Cisco | 6.1.7 (including) | 6.1.7 (including) |
| Secure_endpoint | Cisco | 6.1.9 (including) | 6.1.9 (including) |
| Secure_endpoint | Cisco | 6.2.1 (including) | 6.2.1 (including) |
| Secure_endpoint | Cisco | 6.2.3 (including) | 6.2.3 (including) |
| Secure_endpoint | Cisco | 6.2.5 (including) | 6.2.5 (including) |
| Secure_endpoint | Cisco | 6.2.9 (including) | 6.2.9 (including) |
| Secure_endpoint | Cisco | 6.2.19 (including) | 6.2.19 (including) |
| Secure_endpoint | Cisco | 6.3.1 (including) | 6.3.1 (including) |
| Secure_endpoint | Cisco | 6.3.3 (including) | 6.3.3 (including) |
| Secure_endpoint | Cisco | 6.3.5 (including) | 6.3.5 (including) |
| Secure_endpoint | Cisco | 6.3.7 (including) | 6.3.7 (including) |
| Secure_endpoint | Cisco | 7.0.5 (including) | 7.0.5 (including) |
| Secure_endpoint | Cisco | 7.1.1 (including) | 7.1.1 (including) |
| Secure_endpoint | Cisco | 7.1.5 (including) | 7.1.5 (including) |
| Secure_endpoint | Cisco | 7.2.3 (including) | 7.2.3 (including) |
| Secure_endpoint | Cisco | 7.2.5 (including) | 7.2.5 (including) |
| Secure_endpoint | Cisco | 7.2.7 (including) | 7.2.7 (including) |
| Secure_endpoint | Cisco | 7.2.11 (including) | 7.2.11 (including) |
| Secure_endpoint | Cisco | 7.2.13 (including) | 7.2.13 (including) |
| Secure_endpoint | Cisco | 7.3.1 (including) | 7.3.1 (including) |
| Secure_endpoint | Cisco | 7.3.3 (including) | 7.3.3 (including) |
| Secure_endpoint | Cisco | 7.3.5 (including) | 7.3.5 (including) |
| Secure_endpoint | Cisco | 7.3.9 (including) | 7.3.9 (including) |
| Secure_endpoint | Cisco | 8.1.3 (including) | 8.1.3 (including) |
| Secure_endpoint | Cisco | 8.1.3.21242 (including) | 8.1.3.21242 (including) |
| Secure_endpoint | Cisco | 8.1.5 (including) | 8.1.5 (including) |
| Secure_endpoint | Cisco | 8.1.5.21322 (including) | 8.1.5.21322 (including) |
| Secure_endpoint | Cisco | 8.1.7 (including) | 8.1.7 (including) |
| Secure_endpoint | Cisco | 8.1.7.21417 (including) | 8.1.7.21417 (including) |
| Secure_endpoint | Cisco | 8.1.7.21512 (including) | 8.1.7.21512 (including) |