Cisco.Secure.Desktop.CSDWebInstaller.Code.Execution
Description
This indicates an attack attempt against a code execution vulnerability in Cisco Secure Desktop.
The vulnerability is caused by an error in the "CSDWebInstallerCtrl" ActiveX control (CSDWebInstaller.ocx) when handling a Cisco-signed executable file named "inst.exe". It could allow attackers to exploit certain vulnerabilities in signed executable files.
Affected Products
Cisco Secure Desktop versions 3.x
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the website.
http://www.cisco.com/en/US/products/ps6742/tsd_products_support_series_home.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |