CVE-2018-0438
HIGHCisco Umbrella Enterprise Roaming Client - Improper Input Validation
Title source: ruleDescription
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper implementation of file system permissions, which could allow non-administrative users to place files within restricted directories. An attacker could exploit this vulnerability by placing an executable file within the restricted directory, which when executed by the ERC client, would run with Administrator privileges.
Exploits (1)
exploitdb
WORKING POC
by ParagonSec · clocalwindows_x86-64
https://www.exploit-db.com/exploits/45339
Scores
CVSS v3
7.8
EPSS
0.0299
EPSS Percentile
86.6%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
CWE-20
Status
published
Products (1)
cisco/umbrella_enterprise_roaming_client
< 2.1.127
Published
Oct 05, 2018
Tracked Since
Feb 18, 2026