Unverified Signature Spoofing Vulnerability in Cisco Secure Desktop

Unverified Signature Spoofing Vulnerability in Cisco Secure Desktop

CVE-2011-0926 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.

Learn more about our Cis Benchmark Audit For Cisco.