Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco anyconnect secure mobility client vulnerabilities and exploits
(subscribe to this query)
829
VMScore
CVE-2020-9817
A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to gain root privileges.
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
828
VMScore
CVE-2012-4655
The WebLaunch feature in Cisco Secure Desktop prior to 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote malicious users to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSC...
Cisco Secure Desktop 3.4
Cisco Secure Desktop 3.1.1.45
Cisco Secure Desktop 3.6.3002
Cisco Secure Desktop 3.2
Cisco Secure Desktop 3.6
Cisco Secure Desktop 3.5.2008
Cisco Secure Desktop 3.4.2
Cisco Secure Desktop 3.6.181
Cisco Secure Desktop 3.1.1
Cisco Secure Desktop 3.6.185
Cisco Secure Desktop 3.1
Cisco Secure Desktop 3.5.841
Cisco Secure Desktop 3.4.2048
Cisco Secure Desktop 3.4.1
Cisco Secure Desktop 3.2.1
Cisco Secure Desktop 3.5
Cisco Secure Desktop 3.6.4021
Cisco Secure Desktop 3.1.1.27
Cisco Secure Desktop 3.1.1.33
Cisco Secure Desktop 3.6.1001
Cisco Secure Desktop 3.3
Cisco Secure Desktop 3.6.2002
828
VMScore
CVE-2012-3088
Cisco AnyConnect Secure Mobility Client 3.1.x prior to 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote malicious users to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.
Cisco Anyconnect Secure Mobility Client 3.1.0
Cisco Anyconnect Secure Mobility Client 3.2.0
828
VMScore
CVE-2012-2493
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x prior to 2.5 MR6 on Windows, and 2.x prior to 2.5 MR6 and 3.x prior to 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader ...
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 2.3.185
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.3.254
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 3.0
828
VMScore
CVE-2011-2040
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) prior to 2.5.3041, and 3.0.x prior to 3.0.629, on Linux and Mac OS X downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote m...
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client
Cisco Anyconnect Secure Mobility Client 2.5.2018
Cisco Anyconnect Secure Mobility Client 2.5.1025
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 2.5.2010
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 2.5.2001
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.3.254
765
VMScore
CVE-2011-2039
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) prior to 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote malicious users to...
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client
1 EDB exploit
725
VMScore
CVE-2017-3813
A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local malicious user to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient i...
Cisco Anyconnect Secure Mobility Client 4.1.08005
Cisco Anyconnect Secure Mobility Client 4.2.04039
Cisco Anyconnect Secure Mobility Client 4.0.00052
Cisco Anyconnect Secure Mobility Client 4.0.00061
Cisco Anyconnect Secure Mobility Client 4.2.00096
Cisco Anyconnect Secure Mobility Client 4.2.01022
Cisco Anyconnect Secure Mobility Client 4.3.00748
Cisco Anyconnect Secure Mobility Client 4.3.01095
Cisco Anyconnect Secure Mobility Client 4.2.05015
Cisco Anyconnect Secure Mobility Client 4.2.06014
Cisco Anyconnect Secure Mobility Client 4.0.00057
Cisco Anyconnect Secure Mobility Client 4.0.00048
Cisco Anyconnect Secure Mobility Client 4.1.00028
Cisco Anyconnect Secure Mobility Client 4.1.02011
Cisco Anyconnect Secure Mobility Client 4.2.01035
Cisco Anyconnect Secure Mobility Client 4.2.02075
Cisco Anyconnect Secure Mobility Client 4.3.02039
Cisco Anyconnect Secure Mobility Client 4.3.03086
Cisco Anyconnect Secure Mobility Client 4.1.04011
Cisco Anyconnect Secure Mobility Client 4.1.06013
Cisco Anyconnect Secure Mobility Client 4.1.06020
Cisco Anyconnect Secure Mobility Client 4.2.03013
1 EDB exploit
725
VMScore
CVE-2015-6305
Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 up to and including 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, ...
Cisco Anyconnect Secure Mobility Client 2.1.0.148
Cisco Anyconnect Secure Mobility Client 2.2.0136
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 2.5.2019
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.2052
Cisco Anyconnect Secure Mobility Client 3.0.5080
Cisco Anyconnect Secure Mobility Client 3.0.09266
Cisco Anyconnect Secure Mobility Client 3.1.07021
Cisco Anyconnect Secure Mobility Client 4.0.0
Cisco Anyconnect Secure Mobility Client 2.5.0217
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 2.5.2010
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 3.0.3050
Cisco Anyconnect Secure Mobility Client 3.0.3054
Cisco Anyconnect Secure Mobility Client 3.0.4235
Cisco Anyconnect Secure Mobility Client 3.0.5075
Cisco Anyconnect Secure Mobility Client 4.0.00048
Cisco Anyconnect Secure Mobility Client 4.0.00051
1 EDB exploit
1 Github repository
725
VMScore
CVE-2015-6306
Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.
Cisco Anyconnect Secure Mobility Client 4.1.\\(8\\)
1 EDB exploit
641
VMScore
CVE-2021-40124
A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to script...
Cisco Anyconnect Secure Mobility Client
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »