CVE-2020-3350

MEDIUM

Cisco AMP for Endpoints/Clam AntiVirus - Privilege Escalation

Title source: llm
STIX 2.1

Description

A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working.

References (7)

Core 7
Core References
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202007-23
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4435-1/
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4435-2/
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html

Scores

CVSS v3 5.5
EPSS 0.0013
EPSS Percentile 32.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-362
Status published
Products (10)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 20.04
cisco/advanced_malware_protection_for_endpoints < 1.12.4 (2 CPE variants)
cisco/clam_antivirus < 0.102.4
debian/debian_linux 9.0
fedoraproject/fedora 31
fedoraproject/fedora 32
Published Jun 18, 2020
Tracked Since Feb 18, 2026