CVE-2018-0437
HIGHCisco Umbrella Enterprise Roaming Client < 2.1.118 - Improper Privilege Management
Title source: ruleDescription
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper implementation of file system permissions, which could allow non-administrative users to place files within restricted directories. An attacker could exploit this vulnerability by placing an executable file within the restricted directory, which when executed by the ERC client, would run with Administrator privileges.
Exploits (1)
exploitdb
WORKING POC
by ParagonSec · clocalwindows_x86-64
https://www.exploit-db.com/exploits/45339
Scores
CVSS v3
7.8
EPSS
0.1295
EPSS Percentile
94.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
CWE-264
Status
published
Products (3)
cisco/umbrella_enterprise_roaming_client
< 2.1.118
cisco/umbrella_roaming_module
4.3\(1095\)
cisco/umbrella_roaming_module
< 4.6.1098
Published
Oct 05, 2018
Tracked Since
Feb 18, 2026