Critical flaw in Cisco Security Agent for Windows

Summary: The flaw, which carries a CVSS rating of 10.0 (the highest possible severity score), can be exploited remotely and causes corruption of kernel memory, which leads to a Windows stop error (blue screen) or to arbitrary code execution.

Switching and networking vendor Cisco is warning of a critical vulnerability affecting the Cisco Security Agent for Microsoft Windows.

The flaw, which carries a CVSS rating of 10.0 (the highest possible severity score), can be exploited remotely and causes corruption of kernel memory, which leads to a Windows stop error (blue screen) or to arbitrary code execution.

Cisco Security Agent is a security software agent that provides threat protection for server and desktop computing systems.

From Cisco's alert:

The vulnerability is triggered when Cisco Security Agent is processing a crafted TCP segment destined to TCP port 139 or 445. These ports are used by the Microsoft Server Message Block (SMB) protocol. A TCP session needs to be established (that is, the TCP three-way handshake needs to be completed) for the vulnerability to be triggered.

All systems that are running a vulnerable version of Cisco Security Agent for Windows are affected. This includes Cisco products that integrate standalone Cisco Security Agents, such as Cisco IP Communications applications servers and the Cisco Security Manager.
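
As an added illustration (not part of Cisco's alert or the original article), the Python sketch below triages packet records for the precondition the alert names: a completed TCP three-way handshake to port 139 or 445. It separates established sessions from SYN-only probes and reports those from untrusted sources; the record layout, the trusted range and the sample packets are constructed assumptions.

```python
import ipaddress

SMB_PORTS = {139, 445}  # the two ports named in Cisco's alert
# Assumption: source ranges allowed to reach SMB on agent hosts.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample records: (src, sport, dst, dport, tcp_flags)
SAMPLE_PACKETS = [
    ("203.0.113.7", 40001, "10.1.1.5", 445, "S"),    # full handshake, untrusted
    ("10.1.1.5", 445, "203.0.113.7", 40001, "SA"),
    ("203.0.113.7", 40001, "10.1.1.5", 445, "A"),
    ("198.51.100.9", 51000, "10.1.1.5", 139, "S"),   # SYN probe, never completed
    ("10.1.1.5", 139, "198.51.100.9", 51000, "SA"),
    ("198.51.100.9", 51000, "10.1.1.5", 139, "R"),
    ("10.2.2.2", 50000, "10.1.1.5", 445, "S"),       # full handshake, trusted
    ("10.1.1.5", 445, "10.2.2.2", 50000, "SA"),
    ("10.2.2.2", 50000, "10.1.1.5", 445, "A"),
    ("203.0.113.7", 40002, "10.1.1.5", 80, "S"),     # not an SMB port
    ("10.1.1.5", 80, "203.0.113.7", 40002, "SA"),
    ("203.0.113.7", 40002, "10.1.1.5", 80, "A"),
]


def established_smb_sessions(packets, trusted=TRUSTED_NETS):
    """Return sorted (src, dst, dport) for untrusted sources that completed
    the SYN / SYN-ACK / ACK exchange with an SMB port."""
    state = {}  # (client, cport, server, sport) -> 1 after SYN, 2 after SYN-ACK
    hits = set()
    for src, sport, dst, dport, flags in packets:
        if flags == "S" and dport in SMB_PORTS:
            state[(src, sport, dst, dport)] = 1
        elif flags == "SA" and state.get((dst, dport, src, sport)) == 1:
            state[(dst, dport, src, sport)] = 2
        elif flags == "A" and state.get((src, sport, dst, dport)) == 2:
            del state[(src, sport, dst, dport)]  # handshake is complete
            addr = ipaddress.ip_address(src)
            if not any(addr in net for net in trusted):
                hits.add((src, dst, dport))
    return sorted(hits)


if __name__ == "__main__":
    for src, dst, port in established_smb_sessions(SAMPLE_PACKETS):
        print(f"review: {src} completed a TCP handshake with {dst}:{port}")
```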

Talkback

2 comments
  • The case of the security guard turning over your keys to the kingdom

    This is like hiring a security guard for your office building and you find out he got tricked into handing over the keys to your building and all the password combinations to the bad guy. You'd be better off if you fired him in the first place.
    georgeou
  • This doesn't surprise me

    I recently tried to install a Cisco ADSL2 modem/router on my main business Internet connection. It was large, it was expensive and the software looked like it was written in the 70s and the documentation was appalling.

    My needs were simple, internet connection to the network and being able to access a MS Small Business Server remotely. After around 6 hours I gave up and purchased a cheap Dlink that had me up and going in 10 min with a lot more bells and whistles.

    Time Cisco joined the 21st century.
    tonymcs@...