CVE-2018-15437
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. An attacker could exploit this vulnerability by gaining local access to a system running Microsoft Windows and protected by Cisco Immunet or Cisco AMP for Endpoints and executing a malicious file. A successful exploit could allow the attacker to prevent the scanning services from functioning properly and ultimately prevent the system from being protected from further intrusion.
EPSS 0.72% · 73.0th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | immunet_for_endpoints | |
| Cisco | Cisco AMP for Endpoints | * |
| cisco | advanced_malware_protection_for_endpoints |
Exploit Intelligence
- https://www.exploit-db.com/exploits/45829/ (nist-nvd)
- CIRCL seen: CVE-2018-15437 (circl-sighting)
- CIRCL exploited: CVE-2018-15437 (circl-sighting)
- 105867 (circl)
- 20181107 Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability (circl)
- Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit (0day-today)
- Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit (0day-today)
- Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service Exploit (0day-today)
- Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service Exploit (0day-today)
Timeline
- Nov 8, 2018 CVE Published
- Nov 9, 2018 PoC Published
- Nov 12, 2018 PoC Published
- Nov 13, 2018 PoC Published
- Nov 13, 2018 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Jul 3, 2022 EPSS Score