Search criteria
207 vulnerabilities found for anyconnect_secure_mobility_client by cisco
FKIE_CVE-2020-3432
Vulnerability from fkie_nvd - Published: 2025-02-12 00:15 - Updated: 2025-06-24 00:12
Severity ?
Summary
A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.
The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "D9A113B2-E3B3-4290-AA9F-183410CB115F",
"versionEndExcluding": "4.9.00086",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.\r\nThe vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el componente de desinstalaci\u00f3n de Cisco AnyConnect Secure Mobility Client para Mac OS podr\u00eda permitir que un atacante local autenticado corrompa el contenido de cualquier archivo en el sistema de archivos. La vulnerabilidad se debe a la gesti\u00f3n incorrecto de las rutas de directorio. Un atacante podr\u00eda aprovechar esta vulnerabilidad creando un enlace simb\u00f3lico (symlink) a un archivo de destino en una ruta espec\u00edfica. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante corromper el contenido del archivo. Si el archivo es un archivo cr\u00edtico del sistema, la explotaci\u00f3n podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio. Para aprovechar esta vulnerabilidad, el atacante necesitar\u00eda tener credenciales v\u00e1lidas en el sistema."
}
],
"id": "CVE-2020-3432",
"lastModified": "2025-06-24T00:12:09.860",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 4.2,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 4.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-12T00:15:07.670",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-mac-dos-36s2y3Lv"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-20474
Vulnerability from fkie_nvd - Published: 2024-10-23 18:15 - Updated: 2024-11-01 18:14
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.
This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.
Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.00086:*:*:*:*:*:*:*",
"matchCriteriaId": "03B6618B-2E98-480C-AF79-2A9E9BF29CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.01095:*:*:*:*:*:*:*",
"matchCriteriaId": "F2CB76BE-7DD7-40D7-A7C7-DDA7079A286F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.02028:*:*:*:*:*:*:*",
"matchCriteriaId": "C87CEF61-99F2-4845-9FDE-4B6ED62637C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03047:*:*:*:*:*:*:*",
"matchCriteriaId": "EA80A4E4-061E-4578-B780-9540AE502E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03049:*:*:*:*:*:*:*",
"matchCriteriaId": "804366C1-F307-4DC2-9FEA-B4EB60790A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04043:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD3244A-5CA8-496C-B189-BCD31B0E40C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04053:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB00A32-8571-4685-B448-690F8EE373D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.05042:*:*:*:*:*:*:*",
"matchCriteriaId": "F97CC9FF-FDD3-46A1-9025-BAA83160A504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.06037:*:*:*:*:*:*:*",
"matchCriteriaId": "FF8E83C4-9C5A-4D84-AB19-A4564BBB6625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.00093:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBC52F-F851-4DC4-9DED-45F8689F2A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.01075:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D74511-0444-473C-96F7-751C2B9A6ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.02086:*:*:*:*:*:*:*",
"matchCriteriaId": "D89BE767-38C2-4E92-83EB-09E23B48AAF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.03104:*:*:*:*:*:*:*",
"matchCriteriaId": "DC77CA23-5750-4E35-AD17-4FE0B351ECFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.04065:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE66231-01C3-4807-AB7B-F2A3C2E2200D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.04071:*:*:*:*:*:*:*",
"matchCriteriaId": "B003756D-7F3D-4FB9-B3EF-CEAA68334630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05085:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4BD8-23D2-4C32-B090-F33D50BB5805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05095:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE93BD0-7AAD-4921-A6F1-22F1905F8870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05111:*:*:*:*:*:*:*",
"matchCriteriaId": "222718F2-81E9-40BD-8B2D-ECD70CC423E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.06079:*:*:*:*:*:*:*",
"matchCriteriaId": "C1150AC7-8E86-471E-87DD-F4C0D0628261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.06090:*:*:*:*:*:*:*",
"matchCriteriaId": "585A3B8E-8FD1-4B01-9F82-1038BF50A0FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07061:*:*:*:*:*:*:*",
"matchCriteriaId": "61D0138A-EE54-420B-A11B-4580DD130FBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07062:*:*:*:*:*:*:*",
"matchCriteriaId": "D45B8E46-AE9E-44F6-B58E-5AF7A32D499B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07073:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB896B8-535A-494F-AA21-3DA56CD7A540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.08025:*:*:*:*:*:*:*",
"matchCriteriaId": "314BBB39-15FD-4DEB-8286-047644C4D456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.08029:*:*:*:*:*:*:*",
"matchCriteriaId": "4877EEBA-CA94-4176-8442-429E9DF1E5AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00238:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7B74D9-7D43-48B2-AE6F-4FE75DB1DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00529:*:*:*:*:*:*:*",
"matchCriteriaId": "86B5EB44-F814-49AB-BAD2-3E02E9707377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00556:*:*:*:*:*:*:*",
"matchCriteriaId": "C33CF946-24CD-471E-8448-445E629789BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.01242:*:*:*:*:*:*:*",
"matchCriteriaId": "9E39EE52-4A48-430E-A7A5-29276EE51B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.02075:*:*:*:*:*:*:*",
"matchCriteriaId": "781CEBDC-3A42-47BA-8509-E35AB6BB56C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.03072:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF3D714-0475-4E30-8245-159C5BA68F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.03076:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2D666F-5EBF-41B7-89C1-32BCF65DABEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.04032:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDE95F2-E54E-4955-8E07-C8D97BCB2CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.05040:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF7A28D-542B-46A1-B428-BA3E71A62B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.1.0.136:*:*:*:*:*:*:*",
"matchCriteriaId": "E38148BD-1C03-43F8-83F2-3043B3442100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.1.1.42:*:*:*:*:*:*:*",
"matchCriteriaId": "C771F3C7-609D-4C66-B1A0-34BD26FFD781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.1.2.42:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6AB12-BC84-4324-BB4E-AAC3701B28C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.1.3.62:*:*:*:*:*:*:*",
"matchCriteriaId": "0A560B61-73F1-42E5-9F4F-931610C6954A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.\r\n\r This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.\r\n\r Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesamiento de la versi\u00f3n 2 de Internet Key Exchange (IKEv2) de Cisco Secure Client Software podr\u00eda permitir que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS) de Cisco Secure Client. Esta vulnerabilidad se debe a una condici\u00f3n de desbordamiento de enteros. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete IKEv2 manipulado a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar que Cisco Secure Client Software se bloquee, lo que provocar\u00eda una condici\u00f3n de DoS en el software cliente. Nota: Las versiones 4.10 y anteriores de Cisco Secure Client Software se conoc\u00edan como Cisco AnyConnect Secure Mobility Client."
}
],
"id": "CVE-2024-20474",
"lastModified": "2024-11-01T18:14:56.790",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-23T18:15:11.517",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-20240
Vulnerability from fkie_nvd - Published: 2023-11-22 17:15 - Updated: 2024-11-21 07:40
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8 | Issue Tracking, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.00086:*:*:*:*:*:*:*",
"matchCriteriaId": "03B6618B-2E98-480C-AF79-2A9E9BF29CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.01095:*:*:*:*:*:*:*",
"matchCriteriaId": "F2CB76BE-7DD7-40D7-A7C7-DDA7079A286F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.02028:*:*:*:*:*:*:*",
"matchCriteriaId": "C87CEF61-99F2-4845-9FDE-4B6ED62637C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03047:*:*:*:*:*:*:*",
"matchCriteriaId": "EA80A4E4-061E-4578-B780-9540AE502E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03049:*:*:*:*:*:*:*",
"matchCriteriaId": "804366C1-F307-4DC2-9FEA-B4EB60790A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04043:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD3244A-5CA8-496C-B189-BCD31B0E40C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04053:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB00A32-8571-4685-B448-690F8EE373D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.05042:*:*:*:*:*:*:*",
"matchCriteriaId": "F97CC9FF-FDD3-46A1-9025-BAA83160A504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.06037:*:*:*:*:*:*:*",
"matchCriteriaId": "FF8E83C4-9C5A-4D84-AB19-A4564BBB6625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.00093:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBC52F-F851-4DC4-9DED-45F8689F2A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.01075:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D74511-0444-473C-96F7-751C2B9A6ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.02086:*:*:*:*:*:*:*",
"matchCriteriaId": "D89BE767-38C2-4E92-83EB-09E23B48AAF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.03104:*:*:*:*:*:*:*",
"matchCriteriaId": "DC77CA23-5750-4E35-AD17-4FE0B351ECFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.04065:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE66231-01C3-4807-AB7B-F2A3C2E2200D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.04071:*:*:*:*:*:*:*",
"matchCriteriaId": "B003756D-7F3D-4FB9-B3EF-CEAA68334630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05085:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4BD8-23D2-4C32-B090-F33D50BB5805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05095:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE93BD0-7AAD-4921-A6F1-22F1905F8870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05111:*:*:*:*:*:*:*",
"matchCriteriaId": "222718F2-81E9-40BD-8B2D-ECD70CC423E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.06079:*:*:*:*:*:*:*",
"matchCriteriaId": "C1150AC7-8E86-471E-87DD-F4C0D0628261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.06090:*:*:*:*:*:*:*",
"matchCriteriaId": "585A3B8E-8FD1-4B01-9F82-1038BF50A0FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07061:*:*:*:*:*:*:*",
"matchCriteriaId": "61D0138A-EE54-420B-A11B-4580DD130FBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07062:*:*:*:*:*:*:*",
"matchCriteriaId": "D45B8E46-AE9E-44F6-B58E-5AF7A32D499B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07073:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB896B8-535A-494F-AA21-3DA56CD7A540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00238:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7B74D9-7D43-48B2-AE6F-4FE75DB1DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00529:*:*:*:*:*:*:*",
"matchCriteriaId": "86B5EB44-F814-49AB-BAD2-3E02E9707377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00556:*:*:*:*:*:*:*",
"matchCriteriaId": "C33CF946-24CD-471E-8448-445E629789BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.01242:*:*:*:*:*:*:*",
"matchCriteriaId": "9E39EE52-4A48-430E-A7A5-29276EE51B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.02075:*:*:*:*:*:*:*",
"matchCriteriaId": "781CEBDC-3A42-47BA-8509-E35AB6BB56C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.03072:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF3D714-0475-4E30-8245-159C5BA68F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.03076:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2D666F-5EBF-41B7-89C1-32BCF65DABEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en Cisco Secure Client Software, anteriormente AnyConnect Secure Mobility Client, podr\u00edan permitir que un atacante local autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. Estas vulnerabilidades se deben a una lectura de memoria fuera de los l\u00edmites de Cisco Secure Client Software. Un atacante podr\u00eda aprovechar estas vulnerabilidades iniciando sesi\u00f3n en un dispositivo afectado al mismo tiempo que otro usuario accede a Cisco Secure Client en el mismo sistema y luego enviando paquetes manipulados a un puerto en ese host local. Un exploit exitoso podr\u00eda permitir al atacante bloquear el servicio del Agente VPN, provocando que no est\u00e9 disponible para todos los usuarios del sistema. Para explotar estas vulnerabilidades, el atacante debe tener credenciales v\u00e1lidas en un sistema multiusuario."
}
],
"id": "CVE-2023-20240",
"lastModified": "2024-11-21T07:40:58.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-22T17:15:18.520",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-20241
Vulnerability from fkie_nvd - Published: 2023-11-22 17:15 - Updated: 2024-11-21 07:40
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.
These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8 | Issue Tracking, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.00086:*:*:*:*:*:*:*",
"matchCriteriaId": "03B6618B-2E98-480C-AF79-2A9E9BF29CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.01095:*:*:*:*:*:*:*",
"matchCriteriaId": "F2CB76BE-7DD7-40D7-A7C7-DDA7079A286F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.02028:*:*:*:*:*:*:*",
"matchCriteriaId": "C87CEF61-99F2-4845-9FDE-4B6ED62637C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03047:*:*:*:*:*:*:*",
"matchCriteriaId": "EA80A4E4-061E-4578-B780-9540AE502E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03049:*:*:*:*:*:*:*",
"matchCriteriaId": "804366C1-F307-4DC2-9FEA-B4EB60790A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04043:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD3244A-5CA8-496C-B189-BCD31B0E40C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04053:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB00A32-8571-4685-B448-690F8EE373D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.05042:*:*:*:*:*:*:*",
"matchCriteriaId": "F97CC9FF-FDD3-46A1-9025-BAA83160A504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.06037:*:*:*:*:*:*:*",
"matchCriteriaId": "FF8E83C4-9C5A-4D84-AB19-A4564BBB6625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.00093:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBC52F-F851-4DC4-9DED-45F8689F2A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.01075:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D74511-0444-473C-96F7-751C2B9A6ADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.02086:*:*:*:*:*:*:*",
"matchCriteriaId": "D89BE767-38C2-4E92-83EB-09E23B48AAF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.03104:*:*:*:*:*:*:*",
"matchCriteriaId": "DC77CA23-5750-4E35-AD17-4FE0B351ECFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.04065:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE66231-01C3-4807-AB7B-F2A3C2E2200D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.04071:*:*:*:*:*:*:*",
"matchCriteriaId": "B003756D-7F3D-4FB9-B3EF-CEAA68334630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05085:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4BD8-23D2-4C32-B090-F33D50BB5805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05095:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE93BD0-7AAD-4921-A6F1-22F1905F8870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.05111:*:*:*:*:*:*:*",
"matchCriteriaId": "222718F2-81E9-40BD-8B2D-ECD70CC423E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.06079:*:*:*:*:*:*:*",
"matchCriteriaId": "C1150AC7-8E86-471E-87DD-F4C0D0628261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.06090:*:*:*:*:*:*:*",
"matchCriteriaId": "585A3B8E-8FD1-4B01-9F82-1038BF50A0FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07061:*:*:*:*:*:*:*",
"matchCriteriaId": "61D0138A-EE54-420B-A11B-4580DD130FBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07062:*:*:*:*:*:*:*",
"matchCriteriaId": "D45B8E46-AE9E-44F6-B58E-5AF7A32D499B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:4.10.07073:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB896B8-535A-494F-AA21-3DA56CD7A540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00238:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7B74D9-7D43-48B2-AE6F-4FE75DB1DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00529:*:*:*:*:*:*:*",
"matchCriteriaId": "86B5EB44-F814-49AB-BAD2-3E02E9707377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.00556:*:*:*:*:*:*:*",
"matchCriteriaId": "C33CF946-24CD-471E-8448-445E629789BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.01242:*:*:*:*:*:*:*",
"matchCriteriaId": "9E39EE52-4A48-430E-A7A5-29276EE51B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.02075:*:*:*:*:*:*:*",
"matchCriteriaId": "781CEBDC-3A42-47BA-8509-E35AB6BB56C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.03072:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF3D714-0475-4E30-8245-159C5BA68F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:5.0.03076:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2D666F-5EBF-41B7-89C1-32BCF65DABEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en Cisco Secure Client Software, anteriormente AnyConnect Secure Mobility Client, podr\u00edan permitir que un atacante local autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. Estas vulnerabilidades se deben a una lectura de memoria fuera de los l\u00edmites de Cisco Secure Client Software. Un atacante podr\u00eda aprovechar estas vulnerabilidades iniciando sesi\u00f3n en un dispositivo afectado al mismo tiempo que otro usuario accede a Cisco Secure Client en el mismo sistema y luego enviando paquetes manipulados a un puerto en ese host local. Un exploit exitoso podr\u00eda permitir al atacante bloquear el servicio del Agente VPN, provocando que no est\u00e9 disponible para todos los usuarios del sistema. Para explotar estas vulnerabilidades, el atacante debe tener credenciales v\u00e1lidas en un sistema multiusuario."
}
],
"id": "CVE-2023-20241",
"lastModified": "2024-11-21T07:40:58.370",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-22T17:15:18.740",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-20178
Vulnerability from fkie_nvd - Published: 2023-06-28 15:15 - Updated: 2024-11-21 07:40
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.
This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * | |
| cisco | secure_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9980A481-8A54-475A-B735-0C339FF30314",
"versionEndExcluding": "4.10.07061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_client:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "7A856448-9BF4-4693-A1EA-3B6C06DB4259",
"versionEndExcluding": "5.0.02075",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.\r\n\r This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges."
}
],
"id": "CVE-2023-20178",
"lastModified": "2024-11-21T07:40:45.287",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-28T15:15:09.880",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40124
Vulnerability from fkie_nvd - Published: 2021-11-04 16:15 - Updated: 2024-11-21 06:23
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "9DE29131-709A-4FFB-BDE6-B676781D4D8A",
"versionEndExcluding": "4.10.03104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo Network Access Manager (NAM) de Cisco AnyConnect Secure Mobility Client para Windows podr\u00eda permitir a un atacante local autenticado escalar privilegios en un dispositivo afectado. Esta vulnerabilidad es debido a una asignaci\u00f3n incorrecta de privilegios a las scripts que se ejecutan antes del inicio de sesi\u00f3n del usuario. Un atacante podr\u00eda explotar esta vulnerabilidad al configurar un script para que se ejecute antes del inicio de sesi\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios SYSTEM"
}
],
"id": "CVE-2021-40124",
"lastModified": "2024-11-21T06:23:37.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-04T16:15:09.503",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-266"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-34788
Vulnerability from fkie_nvd - Published: 2021-10-06 20:15 - Updated: 2024-11-21 06:11
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * | |
| apple | macos | - | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFEB139-328E-433E-8994-7C6C7970A416",
"versionEndExcluding": "4.10.03104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el mecanismo de carga de la biblioteca compartida de Cisco AnyConnect Secure Mobility Client para Linux y Mac OS podr\u00eda permitir a un atacante local autenticado llevar a cabo un ataque de secuestro de la biblioteca compartida en un dispositivo afectado si el m\u00f3dulo VPN Posture (HostScan) est\u00e1 instalado en el cliente AnyConnect. Esta vulnerabilidad es debido a una condici\u00f3n de carrera en el proceso de verificaci\u00f3n de firmas para los archivos de bibliotecas compartidas que son cargadas en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una serie de mensajes de comunicaci\u00f3n interproceso (IPC) dise\u00f1ados al proceso AnyConnect. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el dispositivo afectado con privilegios root. Para explotar esta vulnerabilidad, el atacante debe tener una cuenta v\u00e1lida en el sistema"
}
],
"id": "CVE-2021-34788",
"lastModified": "2024-11-21T06:11:12.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-06T20:15:19.173",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-1568
Vulnerability from fkie_nvd - Published: 2021-06-16 18:15 - Updated: 2024-11-21 05:44
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "00CD6C70-8B34-468B-9937-566390D6CBD0",
"versionEndExcluding": "4.10.01075",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco AnyConnect Secure Mobility Client para Windows, podr\u00eda permitir a un atacante local autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. Esta vulnerabilidad es debido a una asignaci\u00f3n no controlada de la memoria. Un atacante podr\u00eda explotar esta vulnerabilidad copiando un archivo dise\u00f1ado en una carpeta espec\u00edfica del sistema. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante bloquear el servicio de Agente VPN cuando es lanzada la aplicaci\u00f3n afectada, causando que no est\u00e9 disponible para todos los usuarios del sistema. Para explotar esta vulnerabilidad, el atacante debe tener credenciales v\u00e1lidas en un sistema Windows multiusuario"
}
],
"id": "CVE-2021-1568",
"lastModified": "2024-11-21T05:44:38.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-16T18:15:08.943",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-789"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2021-1567
Vulnerability from fkie_nvd - Published: 2021-06-16 18:15 - Updated: 2024-11-21 05:44
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "00CD6C70-8B34-468B-9937-566390D6CBD0",
"versionEndExcluding": "4.10.01075",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el mecanismo de carga de DLL de Cisco AnyConnect Secure Mobility Client para Windows, podr\u00eda permitir a un atacante local autentificado llevar a cabo un ataque de secuestro DLL en un dispositivo afectado si el m\u00f3dulo VPN Posture (HostScan) est\u00e1 instalado en el cliente AnyConnect. Esta vulnerabilidad es debido a una condici\u00f3n de carrera en el proceso de comprobaci\u00f3n de la firma de los archivos DLL que son cargados en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el envio de una serie de mensajes de comunicaci\u00f3n entre procesos (IPC) dise\u00f1ados al proceso AnyConnect. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el dispositivo afectado con privilegios SYSTEM. Para explotar esta vulnerabilidad, el atacante debe tener credenciales v\u00e1lidas en el sistema Windows"
}
],
"id": "CVE-2021-1567",
"lastModified": "2024-11-21T05:44:38.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-16T18:15:08.830",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-pos-dll-ff8j6dFv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-pos-dll-ff8j6dFv"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-1496
Vulnerability from fkie_nvd - Published: 2021-05-06 13:15 - Updated: 2024-11-21 05:44
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "6DFE2E98-E1B3-4218-A423-A8C5B1DD0491",
"versionEndExcluding": "4.9.03022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los procesos de instalaci\u00f3n, desinstalaci\u00f3n y actualizaci\u00f3n de Cisco AnyConnect Secure Mobility Client para Windows, podr\u00edan permitir a un atacante local autenticado secuestrar archivos DLL o ejecutables que utiliza la aplicaci\u00f3n.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en un dispositivo afectado con privilegios SYSTEM.\u0026#xa0;Para explotar estas vulnerabilidades, el atacante debe tener credenciales v\u00e1lidas en el sistema Windows.\u0026#xa0;Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1496",
"lastModified": "2024-11-21T05:44:28.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.467",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-code-exec-jR3tWTA6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-code-exec-jR3tWTA6"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-378"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-1428
Vulnerability from fkie_nvd - Published: 2021-05-06 13:15 - Updated: 2024-11-21 05:44
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "7AD8DAF4-A2D9-4067-BE3D-AA695B10468F",
"versionEndExcluding": "4.10.00093",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los procesos de instalaci\u00f3n, desinstalaci\u00f3n y actualizaci\u00f3n de Cisco AnyConnect Secure Mobility Client para Windows, podr\u00edan permitir a un atacante local autenticado secuestrar archivos DLL o ejecutables que son usadas por la aplicaci\u00f3n.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en un dispositivo afectado con privilegios SYSTEM.\u0026#xa0;Para explotar estas vulnerabilidades, el atacante debe tener credenciales v\u00e1lidas en el sistema Windows.\u0026#xa0;Para mayor informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1428",
"lastModified": "2024-11-21T05:44:20.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.153",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-code-exec-jR3tWTA6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-code-exec-jR3tWTA6"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-378"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-1430
Vulnerability from fkie_nvd - Published: 2021-05-06 13:15 - Updated: 2024-11-21 05:44
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "4946199D-6CD5-4E9B-8EB1-8B05C823F9BE",
"versionEndExcluding": "4.9.06037",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execute arbitrary code on an affected device with SYSTEM privileges. To exploit these vulnerabilities, the attacker must have valid credentials on the Windows system. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los procesos de instalaci\u00f3n, desinstalaci\u00f3n y actualizaci\u00f3n de Cisco AnyConnect Secure Mobility Client para Windows, podr\u00edan permitir a un atacante local autenticado secuestrar archivos DLL o ejecutables que son usadas por la aplicaci\u00f3n.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en un dispositivo afectado con privilegios SYSTEM.\u0026#xa0;Para explotar estas vulnerabilidades, el atacante debe tener credenciales v\u00e1lidas en el sistema Windows.\u0026#xa0;Para mayor informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1430",
"lastModified": "2024-11-21T05:44:20.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-06T13:15:10.223",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-code-exec-jR3tWTA6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-code-exec-jR3tWTA6"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-378"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-3432 (GCVE-0-2020-3432)
Vulnerability from cvelistv5 – Published: 2025-02-11 23:56 – Updated: 2025-02-26 18:00
VLAI?
Summary
A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.
The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Severity ?
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
N/A
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-3432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T15:03:38.132125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T18:00:06.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.\r\nThe vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H/E:X/RL:X/RC:X",
"version": "3.0"
},
"format": "cvssV3_0"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-24T15:17:09.212Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-anyconnect-mac-dos-36s2y3Lv",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-mac-dos-36s2y3Lv"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-mac-dos-36s2y3Lv",
"defects": [
"CSCvt78191"
],
"discovery": "EXTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Mac OS File Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3432",
"datePublished": "2025-02-11T23:56:34.113Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2025-02-26T18:00:06.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20474 (GCVE-0-2024-20474)
Vulnerability from cvelistv5 – Published: 2024-10-23 17:49 – Updated: 2024-10-23 20:54
VLAI?
Summary
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.
This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.
Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.
Severity ?
4.3 (Medium)
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 4.10.07061 Affected: 4.10.07062 Affected: 4.10.07073 Affected: 4.10.08025 Affected: 4.10.08029 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 Affected: 5.0.02075 Affected: 5.0.03072 Affected: 5.0.03076 Affected: 5.0.04032 Affected: 5.0.05040 Affected: 5.1.0.136 Affected: 5.1.1.42 Affected: 5.1.2.42 Affected: 5.1.3.62 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:54:04.508420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T20:54:12.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "4.10.07061"
},
{
"status": "affected",
"version": "4.10.07062"
},
{
"status": "affected",
"version": "4.10.07073"
},
{
"status": "affected",
"version": "4.10.08025"
},
{
"status": "affected",
"version": "4.10.08029"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
},
{
"status": "affected",
"version": "5.0.02075"
},
{
"status": "affected",
"version": "5.0.03072"
},
{
"status": "affected",
"version": "5.0.03076"
},
{
"status": "affected",
"version": "5.0.04032"
},
{
"status": "affected",
"version": "5.0.05040"
},
{
"status": "affected",
"version": "5.1.0.136"
},
{
"status": "affected",
"version": "5.1.1.42"
},
{
"status": "affected",
"version": "5.1.2.42"
},
{
"status": "affected",
"version": "5.1.3.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.\r\n\r This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.\r\n\r Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T17:49:23.557Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-csc-dos-XvPhM3bj",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj"
}
],
"source": {
"advisory": "cisco-sa-csc-dos-XvPhM3bj",
"defects": [
"CSCwj99060"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20474",
"datePublished": "2024-10-23T17:49:23.557Z",
"dateReserved": "2023-11-08T15:08:07.681Z",
"dateUpdated": "2024-10-23T20:54:12.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20241 (GCVE-0-2023-20241)
Vulnerability from cvelistv5 – Published: 2023-11-22 17:10 – Updated: 2025-06-05 14:23
VLAI?
Summary
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.
These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.
Severity ?
5.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 4.10.07061 Affected: 4.10.07062 Affected: 4.10.07073 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 Affected: 5.0.02075 Affected: 5.0.03072 Affected: 5.0.03076 Affected: 5.0.04032 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-accsc-dos-9SLzkZ8",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T14:22:24.777282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-05T14:23:54.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "4.10.07061"
},
{
"status": "affected",
"version": "4.10.07062"
},
{
"status": "affected",
"version": "4.10.07073"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
},
{
"status": "affected",
"version": "5.0.02075"
},
{
"status": "affected",
"version": "5.0.03072"
},
{
"status": "affected",
"version": "5.0.03076"
},
{
"status": "affected",
"version": "5.0.04032"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:58:29.398Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-accsc-dos-9SLzkZ8",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"source": {
"advisory": "cisco-sa-accsc-dos-9SLzkZ8",
"defects": [
"CSCwf92553"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20241",
"datePublished": "2023-11-22T17:10:45.694Z",
"dateReserved": "2022-10-27T18:47:50.370Z",
"dateUpdated": "2025-06-05T14:23:54.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20240 (GCVE-0-2023-20240)
Vulnerability from cvelistv5 – Published: 2023-11-22 17:10 – Updated: 2024-08-02 09:05
VLAI?
Summary
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.
Severity ?
5.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 4.10.07061 Affected: 4.10.07062 Affected: 4.10.07073 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 Affected: 5.0.02075 Affected: 5.0.03072 Affected: 5.0.03076 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-accsc-dos-9SLzkZ8",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "4.10.07061"
},
{
"status": "affected",
"version": "4.10.07062"
},
{
"status": "affected",
"version": "4.10.07073"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
},
{
"status": "affected",
"version": "5.0.02075"
},
{
"status": "affected",
"version": "5.0.03072"
},
{
"status": "affected",
"version": "5.0.03076"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:58:29.094Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-accsc-dos-9SLzkZ8",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"source": {
"advisory": "cisco-sa-accsc-dos-9SLzkZ8",
"defects": [
"CSCwf21381"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20240",
"datePublished": "2023-11-22T17:10:15.660Z",
"dateReserved": "2022-10-27T18:47:50.370Z",
"dateUpdated": "2024-08-02T09:05:35.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20178 (GCVE-0-2023-20178)
Vulnerability from cvelistv5 – Published: 2023-06-28 00:00 – Updated: 2024-08-02 09:05
VLAI?
Summary
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.
This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.
Severity ?
7.8 (High)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:34.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ac-csc-privesc-wx4U4Kw",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.\r\n\r This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:50.608Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ac-csc-privesc-wx4U4Kw",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw"
}
],
"source": {
"advisory": "cisco-sa-ac-csc-privesc-wx4U4Kw",
"defects": [
"CSCwe00252"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20178",
"datePublished": "2023-06-28T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-08-02T09:05:34.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40124 (GCVE-0-2021-40124)
Vulnerability from cvelistv5 – Published: 2021-11-04 15:36 – Updated: 2024-11-07 21:43
VLAI?
Summary
A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges.
Severity ?
6.7 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco AnyConnect Secure Mobility Client |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211103 Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:43.168660Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:43:26.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect Secure Mobility Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-04T15:36:03",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211103 Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-nam-priv-yCsRNUGT",
"defect": [
[
"CSCvz67203"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-11-03T16:00:00",
"ID": "CVE-2021-40124",
"STATE": "PUBLIC",
"TITLE": "Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect Secure Mobility Client",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-266"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211103 Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT"
}
]
},
"source": {
"advisory": "cisco-sa-anyconnect-nam-priv-yCsRNUGT",
"defect": [
[
"CSCvz67203"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-40124",
"datePublished": "2021-11-04T15:36:03.776040Z",
"dateReserved": "2021-08-25T00:00:00",
"dateUpdated": "2024-11-07T21:43:26.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34788 (GCVE-0-2021-34788)
Vulnerability from cvelistv5 – Published: 2021-10-06 19:40 – Updated: 2024-11-07 21:51
VLAI?
Summary
A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco AnyConnect Secure Mobility Client |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211006 Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34788",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:59.200960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:51:09.750Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect Secure Mobility Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T19:40:11",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211006 Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-lib-hija-cAFB7x4q",
"defect": [
[
"CSCvz38781"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-06T16:00:00",
"ID": "CVE-2021-34788",
"STATE": "PUBLIC",
"TITLE": "Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect Secure Mobility Client",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.0",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211006 Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q"
}
]
},
"source": {
"advisory": "cisco-sa-anyconnect-lib-hija-cAFB7x4q",
"defect": [
[
"CSCvz38781"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34788",
"datePublished": "2021-10-06T19:40:11.150901Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:51:09.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1567 (GCVE-0-2021-1567)
Vulnerability from cvelistv5 – Published: 2021-06-16 17:45 – Updated: 2024-11-07 22:08
VLAI?
Summary
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco AnyConnect Secure Mobility Client |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-pos-dll-ff8j6dFv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1567",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:44.790543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:08:15.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect Secure Mobility Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-16T17:45:34",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-pos-dll-ff8j6dFv"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-pos-dll-ff8j6dFv",
"defect": [
[
"CSCvx52084"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-06-16T16:00:00",
"ID": "CVE-2021-1567",
"STATE": "PUBLIC",
"TITLE": "Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect Secure Mobility Client",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.0",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-pos-dll-ff8j6dFv"
}
]
},
"source": {
"advisory": "cisco-sa-anyconnect-pos-dll-ff8j6dFv",
"defect": [
[
"CSCvx52084"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1567",
"datePublished": "2021-06-16T17:45:34.853734Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:08:15.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1568 (GCVE-0-2021-1568)
Vulnerability from cvelistv5 – Published: 2021-06-16 17:45 – Updated: 2024-11-07 22:08
VLAI?
Summary
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system.
Severity ?
5.5 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco AnyConnect Secure Mobility Client |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1568",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:41:31.840144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:08:22.104Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect Secure Mobility Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-789",
"description": "CWE-789",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-16T17:45:29",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-dos-hMhyDfb8",
"defect": [
[
"CSCvx09155"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-06-16T16:00:00",
"ID": "CVE-2021-1568",
"STATE": "PUBLIC",
"TITLE": "Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect Secure Mobility Client",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-789"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8"
}
]
},
"source": {
"advisory": "cisco-sa-anyconnect-dos-hMhyDfb8",
"defect": [
[
"CSCvx09155"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1568",
"datePublished": "2021-06-16T17:45:29.437127Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:08:22.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3432 (GCVE-0-2020-3432)
Vulnerability from nvd – Published: 2025-02-11 23:56 – Updated: 2025-02-26 18:00
VLAI?
Summary
A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.
The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Severity ?
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
N/A
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-3432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T15:03:38.132125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T18:00:06.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.\r\nThe vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H/E:X/RL:X/RC:X",
"version": "3.0"
},
"format": "cvssV3_0"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-24T15:17:09.212Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-anyconnect-mac-dos-36s2y3Lv",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-mac-dos-36s2y3Lv"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-mac-dos-36s2y3Lv",
"defects": [
"CSCvt78191"
],
"discovery": "EXTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Mac OS File Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3432",
"datePublished": "2025-02-11T23:56:34.113Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2025-02-26T18:00:06.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20474 (GCVE-0-2024-20474)
Vulnerability from nvd – Published: 2024-10-23 17:49 – Updated: 2024-10-23 20:54
VLAI?
Summary
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.
This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.
Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.
Severity ?
4.3 (Medium)
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 4.10.07061 Affected: 4.10.07062 Affected: 4.10.07073 Affected: 4.10.08025 Affected: 4.10.08029 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 Affected: 5.0.02075 Affected: 5.0.03072 Affected: 5.0.03076 Affected: 5.0.04032 Affected: 5.0.05040 Affected: 5.1.0.136 Affected: 5.1.1.42 Affected: 5.1.2.42 Affected: 5.1.3.62 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:54:04.508420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T20:54:12.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "4.10.07061"
},
{
"status": "affected",
"version": "4.10.07062"
},
{
"status": "affected",
"version": "4.10.07073"
},
{
"status": "affected",
"version": "4.10.08025"
},
{
"status": "affected",
"version": "4.10.08029"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
},
{
"status": "affected",
"version": "5.0.02075"
},
{
"status": "affected",
"version": "5.0.03072"
},
{
"status": "affected",
"version": "5.0.03076"
},
{
"status": "affected",
"version": "5.0.04032"
},
{
"status": "affected",
"version": "5.0.05040"
},
{
"status": "affected",
"version": "5.1.0.136"
},
{
"status": "affected",
"version": "5.1.1.42"
},
{
"status": "affected",
"version": "5.1.2.42"
},
{
"status": "affected",
"version": "5.1.3.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.\r\n\r This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.\r\n\r Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T17:49:23.557Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-csc-dos-XvPhM3bj",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj"
}
],
"source": {
"advisory": "cisco-sa-csc-dos-XvPhM3bj",
"defects": [
"CSCwj99060"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20474",
"datePublished": "2024-10-23T17:49:23.557Z",
"dateReserved": "2023-11-08T15:08:07.681Z",
"dateUpdated": "2024-10-23T20:54:12.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20241 (GCVE-0-2023-20241)
Vulnerability from nvd – Published: 2023-11-22 17:10 – Updated: 2025-06-05 14:23
VLAI?
Summary
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.
These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.
Severity ?
5.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 4.10.07061 Affected: 4.10.07062 Affected: 4.10.07073 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 Affected: 5.0.02075 Affected: 5.0.03072 Affected: 5.0.03076 Affected: 5.0.04032 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-accsc-dos-9SLzkZ8",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T14:22:24.777282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-05T14:23:54.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "4.10.07061"
},
{
"status": "affected",
"version": "4.10.07062"
},
{
"status": "affected",
"version": "4.10.07073"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
},
{
"status": "affected",
"version": "5.0.02075"
},
{
"status": "affected",
"version": "5.0.03072"
},
{
"status": "affected",
"version": "5.0.03076"
},
{
"status": "affected",
"version": "5.0.04032"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:58:29.398Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-accsc-dos-9SLzkZ8",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"source": {
"advisory": "cisco-sa-accsc-dos-9SLzkZ8",
"defects": [
"CSCwf92553"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20241",
"datePublished": "2023-11-22T17:10:45.694Z",
"dateReserved": "2022-10-27T18:47:50.370Z",
"dateUpdated": "2025-06-05T14:23:54.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20240 (GCVE-0-2023-20240)
Vulnerability from nvd – Published: 2023-11-22 17:10 – Updated: 2024-08-02 09:05
VLAI?
Summary
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.
Severity ?
5.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 4.10.07061 Affected: 4.10.07062 Affected: 4.10.07073 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 Affected: 5.0.02075 Affected: 5.0.03072 Affected: 5.0.03076 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-accsc-dos-9SLzkZ8",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "4.10.07061"
},
{
"status": "affected",
"version": "4.10.07062"
},
{
"status": "affected",
"version": "4.10.07073"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
},
{
"status": "affected",
"version": "5.0.02075"
},
{
"status": "affected",
"version": "5.0.03072"
},
{
"status": "affected",
"version": "5.0.03076"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:58:29.094Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-accsc-dos-9SLzkZ8",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8"
}
],
"source": {
"advisory": "cisco-sa-accsc-dos-9SLzkZ8",
"defects": [
"CSCwf21381"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20240",
"datePublished": "2023-11-22T17:10:15.660Z",
"dateReserved": "2022-10-27T18:47:50.370Z",
"dateUpdated": "2024-08-02T09:05:35.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20178 (GCVE-0-2023-20178)
Vulnerability from nvd – Published: 2023-06-28 00:00 – Updated: 2024-08-02 09:05
VLAI?
Summary
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.
This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.
Severity ?
7.8 (High)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
4.9.00086
Affected: 4.9.01095 Affected: 4.9.02028 Affected: 4.9.03047 Affected: 4.9.03049 Affected: 4.9.04043 Affected: 4.9.04053 Affected: 4.9.05042 Affected: 4.9.06037 Affected: 4.10.00093 Affected: 4.10.01075 Affected: 4.10.02086 Affected: 4.10.03104 Affected: 4.10.04065 Affected: 4.10.04071 Affected: 4.10.05085 Affected: 4.10.05095 Affected: 4.10.05111 Affected: 4.10.06079 Affected: 4.10.06090 Affected: 5.0.00238 Affected: 5.0.00529 Affected: 5.0.00556 Affected: 5.0.01242 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:34.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ac-csc-privesc-wx4U4Kw",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.9.00086"
},
{
"status": "affected",
"version": "4.9.01095"
},
{
"status": "affected",
"version": "4.9.02028"
},
{
"status": "affected",
"version": "4.9.03047"
},
{
"status": "affected",
"version": "4.9.03049"
},
{
"status": "affected",
"version": "4.9.04043"
},
{
"status": "affected",
"version": "4.9.04053"
},
{
"status": "affected",
"version": "4.9.05042"
},
{
"status": "affected",
"version": "4.9.06037"
},
{
"status": "affected",
"version": "4.10.00093"
},
{
"status": "affected",
"version": "4.10.01075"
},
{
"status": "affected",
"version": "4.10.02086"
},
{
"status": "affected",
"version": "4.10.03104"
},
{
"status": "affected",
"version": "4.10.04065"
},
{
"status": "affected",
"version": "4.10.04071"
},
{
"status": "affected",
"version": "4.10.05085"
},
{
"status": "affected",
"version": "4.10.05095"
},
{
"status": "affected",
"version": "4.10.05111"
},
{
"status": "affected",
"version": "4.10.06079"
},
{
"status": "affected",
"version": "4.10.06090"
},
{
"status": "affected",
"version": "5.0.00238"
},
{
"status": "affected",
"version": "5.0.00529"
},
{
"status": "affected",
"version": "5.0.00556"
},
{
"status": "affected",
"version": "5.0.01242"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.\r\n\r This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:50.608Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ac-csc-privesc-wx4U4Kw",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw"
}
],
"source": {
"advisory": "cisco-sa-ac-csc-privesc-wx4U4Kw",
"defects": [
"CSCwe00252"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20178",
"datePublished": "2023-06-28T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-08-02T09:05:34.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40124 (GCVE-0-2021-40124)
Vulnerability from nvd – Published: 2021-11-04 15:36 – Updated: 2024-11-07 21:43
VLAI?
Summary
A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges.
Severity ?
6.7 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco AnyConnect Secure Mobility Client |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211103 Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:43.168660Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:43:26.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect Secure Mobility Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-04T15:36:03",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211103 Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-nam-priv-yCsRNUGT",
"defect": [
[
"CSCvz67203"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-11-03T16:00:00",
"ID": "CVE-2021-40124",
"STATE": "PUBLIC",
"TITLE": "Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect Secure Mobility Client",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-266"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211103 Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-nam-priv-yCsRNUGT"
}
]
},
"source": {
"advisory": "cisco-sa-anyconnect-nam-priv-yCsRNUGT",
"defect": [
[
"CSCvz67203"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-40124",
"datePublished": "2021-11-04T15:36:03.776040Z",
"dateReserved": "2021-08-25T00:00:00",
"dateUpdated": "2024-11-07T21:43:26.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34788 (GCVE-0-2021-34788)
Vulnerability from nvd – Published: 2021-10-06 19:40 – Updated: 2024-11-07 21:51
VLAI?
Summary
A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco AnyConnect Secure Mobility Client |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211006 Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34788",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:42:59.200960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:51:09.750Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect Secure Mobility Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T19:40:11",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211006 Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-lib-hija-cAFB7x4q",
"defect": [
[
"CSCvz38781"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-06T16:00:00",
"ID": "CVE-2021-34788",
"STATE": "PUBLIC",
"TITLE": "Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect Secure Mobility Client",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for shared library files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with root privileges. To exploit this vulnerability, the attacker must have a valid account on the system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.0",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211006 Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-lib-hija-cAFB7x4q"
}
]
},
"source": {
"advisory": "cisco-sa-anyconnect-lib-hija-cAFB7x4q",
"defect": [
[
"CSCvz38781"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34788",
"datePublished": "2021-10-06T19:40:11.150901Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:51:09.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1567 (GCVE-0-2021-1567)
Vulnerability from nvd – Published: 2021-06-16 17:45 – Updated: 2024-11-07 22:08
VLAI?
Summary
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco AnyConnect Secure Mobility Client |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-pos-dll-ff8j6dFv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1567",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:44.790543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:08:15.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect Secure Mobility Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-16T17:45:34",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-pos-dll-ff8j6dFv"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-pos-dll-ff8j6dFv",
"defect": [
[
"CSCvx52084"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-06-16T16:00:00",
"ID": "CVE-2021-1567",
"STATE": "PUBLIC",
"TITLE": "Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect Secure Mobility Client",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to a race condition in the signature verification process for DLL files that are loaded on an affected device. An attacker could exploit this vulnerability by sending a series of crafted interprocess communication (IPC) messages to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected device with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid credentials on the Windows system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.0",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-pos-dll-ff8j6dFv"
}
]
},
"source": {
"advisory": "cisco-sa-anyconnect-pos-dll-ff8j6dFv",
"defect": [
[
"CSCvx52084"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1567",
"datePublished": "2021-06-16T17:45:34.853734Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:08:15.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1568 (GCVE-0-2021-1568)
Vulnerability from nvd – Published: 2021-06-16 17:45 – Updated: 2024-11-07 22:08
VLAI?
Summary
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system.
Severity ?
5.5 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco AnyConnect Secure Mobility Client |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1568",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:41:31.840144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:08:22.104Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect Secure Mobility Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-789",
"description": "CWE-789",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-16T17:45:29",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-dos-hMhyDfb8",
"defect": [
[
"CSCvx09155"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-06-16T16:00:00",
"ID": "CVE-2021-1568",
"STATE": "PUBLIC",
"TITLE": "Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect Secure Mobility Client",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-789"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210616 Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8"
}
]
},
"source": {
"advisory": "cisco-sa-anyconnect-dos-hMhyDfb8",
"defect": [
[
"CSCvx09155"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1568",
"datePublished": "2021-06-16T17:45:29.437127Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:08:22.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}