#VU13 Filesystem enforce permissions vulnerability


Published: 2016-06-21 | Updated: 2016-06-24

Vulnerability identifier: #VU13

Vulnerability risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-1435

CWE-ID: CWE-306

Exploitation vector: Local

Exploit availability: No

Description

The vulnerability allows a local user to obtain elevated privileges.

The vulnerability exists due to a software error in enforcing permissions for a mounted filesystem. A local user can read or modify arbitrary files on the vulnerable device.

Successful exploitation of this vulnerability will allow the local attacker to obtain elevated privileges.

Mitigation

A patch for this vulnerability is available through the Cisco Bug Search Tool.

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

