Описание
A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04521
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.
EPSS
Процентиль: 89%
0.04521
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-20