CVE-2019-1932— Cisco Advanced Malware Protection for Endpoints Windows Command Injection Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-1932
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Advanced Malware Protection for Endpoints Windows Command Injection Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. The vulnerability is due to insufficient validation of dynamically loaded modules. An attacker could exploit this vulnerability by placing a file in a specific location in the Windows filesystem. A successful exploit could allow the attacker to execute the code with the privileges of the AMP service.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
对数据真实性的验证不充分
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Advanced Malware Protection for Endpoints for Windows 数据伪造问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Advanced Malware Protection(AMP)for Endpoints for Windows是美国思科(Cisco)公司的一款基于Windows平台的端点安全解决方案。该产品主要具有高级威胁预防、监测和响应等功能。 基于Windows平台的Cisco AMP for Endpoints 6.2.3.10807_030519及之前版本中存在命令注入漏洞。本地攻击者可通过在Windows文件系统中放置文件利用该漏洞以AMP服务权限执行代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco AMP for Endpoints | unspecified ~ 6.3.3 | - |
II. Public POCs for CVE-2019-1932
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-1932
请登录查看更多情报信息。
Same Patch Batch · Cisco · 2019-07-06 · 13 CVEs total
| CVE-2019-1930 | Cisco Firepower Management Center RSS Cross-Site Scripting Vulnerabilities | |
| CVE-2019-1931 | Cisco Firepower Management Center RSS Cross-Site Scripting Vulnerabilities | |
| CVE-2019-1933 | Cisco Email Security Appliance Content Filter Bypass Vulnerability | |
| CVE-2019-1921 | Cisco Email Security Appliance Content Filter Bypass Vulnerability | |
| CVE-2019-1922 | Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerab | |
| CVE-2019-1893 | Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability | |
| CVE-2019-1894 | Cisco Enterprise NFV Infrastructure Software Arbitrary File Read and Write Vulnerability | |
| CVE-2019-1909 | Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability | |
| CVE-2019-1911 | Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability | |
| CVE-2019-1887 | Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnera | |
| CVE-2019-1891 | Cisco Small Business Series Switches HTTP Denial of Service Vulnerability | |
| CVE-2019-1892 | Cisco Small Business Series Switches Memory Corruption Vulnerability |
IV. Related Vulnerabilities
Same product: Cisco AMP for Endpoints
- CVE-2022-20796
ClamAV Truncated File Denial of Service Vulnerability Affect - CVE-2022-20785
ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cis - CVE-2022-20771
ClamAV TIFF File Parsing Denial of Service Vulnerability Aff - CVE-2022-20770
ClamAV CHM File Parsing Denial of Service Vulnerability Affe - CVE-2021-1386
Cisco Advanced Malware Protection for Endpoints Windows Conn
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-345
- CVE-2026-42575
apko doesn't verify downloaded apk packages against APKINDEX - CVE-2026-41432
New API: Stripe Webhook Signature Bypass via Empty Secret En - CVE-2026-42206
Roadiz OpenID Connect nonce generated but never validated — - CVE-2026-31835
Vaultwarden WebAuthn credential metadata tampered before sig - CVE-2026-43534
OpenClaw < 2026.4.10 - Unsanitized External Input in Agent H
V. Comments for CVE-2019-1932
No comments yet