Vulnerability Details : CVE-2023-20084
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could exploit this vulnerability by persuading a user to put a malicious file into a specific folder and then persuading the user to execute the file within a limited time window. A successful exploit could allow the attacker to cause the endpoint software to fail to quarantine the malicious file or kill its process. Note: This vulnerability only applies to deployments that have the Windows Folder Redirection feature enabled.
Products affected by CVE-2023-20084
- cpe:2.3:a:cisco:secure_endpoint:-:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:8.1.5:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.0.7:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.0.9:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.1.5:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.1.7:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.1.9:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.2.1:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.2.3:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.2.5:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.2.9:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.2.19:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.3.1:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.3.3:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.3.5:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:6.3.7:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.0.5:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.1.1:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.1.5:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.2.3:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.2.5:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.2.7:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.2.11:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.2.13:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.3.1:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.3.3:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.3.5:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:7.3.9:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:8.1.3:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:8.1.3.21242:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:8.1.5.21322:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:8.1.7:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:8.1.7.21417:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint:8.1.7.21512:*:*:*:*:windows:*:*
- cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-20084
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-20084
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.4
|
MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
0.8
|
3.6
|
NIST | |
5.0
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H |
1.3
|
3.6
|
Cisco Systems, Inc. |
CWE ids for CVE-2023-20084
-
A product acts as an intermediary or monitor between two or more endpoints, but it does not have a complete model of an endpoint's features, behaviors, or state, potentially causing the product to perform incorrect actions based on this incomplete model.Assigned by: ykramarz@cisco.com (Secondary)
References for CVE-2023-20084
-
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-endpoint-dos-RzOgFKnd
Cisco Secure Endpoint for Windows Scanning Evasion VulnerabilityIssue Tracking;Vendor Advisory
Jump to