Race condition in ClamAV products - CVE-2020-3350
Published: June 24, 2020
Vulnerability identifier: #VU29233
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-3350
CWE-ID: CWE-362
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
ClamAV
ClamAV
Affected software:
Cisco AMP for Endpoints Linux Connector Software
Cisco AMP for Endpoints Mac Connector Software
ClamAV
Cisco AMP for Endpoints Linux Connector Software
Cisco AMP for Endpoints Mac Connector Software
ClamAV
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in the endpoint software. A local user can exploit the race, gain elevated privileges and delete arbitrary files on the system.
How to mitigate CVE-2020-3350
Install updates from vendor's website.