Intrusion Prevention



This indicates an attack attempt against a code execution vulnerability in Cisco Secure Desktop.
The vulnerability is caused by an error in the "CSDWebInstallerCtrl" ActiveX control (CSDWebInstaller.ocx) when handling a Cisco-signed executable file named "inst.exe". It could allow attackers to exploit certain vulnerabilities in signed executable files.

Affected Products

Cisco Secure Desktop versions 3.x


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the website.

CVE References