CVE-2011-0926

Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability

Severity Score

9.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.

Un determinado control ActiveX en CSDWebInstaller.ocx en Cisco Secure Desktop (CDS) no verifica correctamente la firma de un programa descargado no especificado, permitiendo a atacantes remotos ejecutar código arbitrario por suplantación de identidad del proceso de instalación de CDS, una vulnerabilidad diferente de CVE-2010-0589.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Secure Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within CSDWebInstaller.ocx ActiveX control. The vulnerable Cisco-signed ActiveX control verifies the signing authority names in the certificate chain but fails to properly verify the digital signature of an executable file that is downloaded and executed by the Cisco Secure Desktop installation process. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

*Credits: Anonymous

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-02-10 CVE Reserved
2011-02-24 CVE Published
2024-07-23 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (7)

URL	Tag	Source
http://securityreason.com/securityalert/8105	Third Party Advisory
http://www.securityfocus.com/archive/1/516647/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/46536	Vdb Entry
http://www.securitytracker.com/id?1025118	Vdb Entry
http://www.vupen.com/english/advisories/2011/0513	Vdb Entry
http://www.zerodayinitiative.com/advisories/ZDI-11-091	X_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/65755	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Secure Desktop Search vendor "Cisco" for product "Secure Desktop"				*		-		Affected