Skip to main content

Secure Endpoint CVE-2023-20084

MEDIUM
Incomplete Model of Endpoint Features (CWE-437)
2023-11-22 psirt@cisco.com
4.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.4 MEDIUM
AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 22, 2023 - 17:15 nvd
MEDIUM 4.4

DescriptionNVD

A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could exploit this vulnerability by persuading a user to put a malicious file into a specific folder and then persuading the user to execute the file within a limited time window. A successful exploit could allow the attacker to cause the endpoint software to fail to quarantine the malicious file or kill its process. Note: This vulnerability only applies to deployments that have the Windows Folder Redirection feature enabled.

AnalysisAI

A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. Rated medium severity (CVSS 4.4). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-437. A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could exploit this vulnerability by persuading a user to put a malicious file into a specific folder and then persuading the user to execute the file within a limited time window. A successful exploit could allow the attacker to cause the endpoint software to fail to quarantine the malicious file or kill its process. Note: This vulnerability only applies to deployments that have the Windows Folder Redirection feature enabled. Affected products include: Cisco Secure Endpoint, Cisco Secure Endpoint Private Cloud.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2023-20032 CRITICAL
9.8 Mar 01

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ p

CVE-2026-20214 HIGH
7.5 Jul 01

Denial of service in ClamAV's FSG file format parser allows an unauthenticated remote attacker to crash the scanning eng

CVE-2026-20213 HIGH
7.5 Jul 01

Denial of service in ClamAV's PE (Portable Executable) file format parser lets an unauthenticated, remote attacker crash

CVE-2026-20244 HIGH
7.5 Jul 01

Denial of service in ClamAV's DMG file format parser allows a remote, unauthenticated attacker to crash the scanning eng

CVE-2026-20243 HIGH
7.5 Jul 01

Denial of service in ClamAV's ALZ archive parser allows an unauthenticated, remote attacker to crash the scanning engine

CVE-2026-20217 HIGH
7.5 Jul 01

Availability-impacting out-of-bounds write in ClamAV's PESpin file-format parser lets an unauthenticated remote attacker

CVE-2026-20216 HIGH
7.5 Jul 01

Denial of service in ClamAV's InstallShield file format parser allows a remote, unauthenticated attacker (per CVSS PR:N)

CVE-2026-20215 HIGH
7.5 Jul 01

Denial of service in ClamAV's 7z archive scanner allows a remote, unauthenticated attacker to crash the scanning process

CVE-2023-20212 HIGH
7.5 Aug 18

A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of serv

CVE-2023-20197 HIGH
7.5 Aug 16

A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthe

CVE-2022-20785 HIGH
7.5 May 04

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 a

CVE-2022-20771 HIGH
7.5 May 04

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 a

Share

CVE-2023-20084 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy