Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anyconnect secure mobility client vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0665
The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and previous versions allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.
Cisco Anyconnect Secure Mobility Client
7.8
CVSSv3
CVE-2021-1237
A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to perform a DLL injection attack. To exploit this vulnerability, the attacker would need to h...
Cisco Anyconnect Secure Mobility Client
7.8
CVSSv3
CVE-2020-3433
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid creden...
Cisco Anyconnect Secure Mobility Client
1 Article
NA
CVE-2014-3314
Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote malicious users to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.
Cisco Anyconnect Secure Mobility Client
7.8
CVSSv3
CVE-2017-6638
A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. The vulnerability is d...
Cisco Anyconnect Secure Mobility Client
1 Github repository
NA
CVE-2015-0755
The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797.
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
NA
CVE-2015-4289
Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920.
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
5.7
CVSSv3
CVE-2023-36672
An issue exists in the Clario VPN client up to and including 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subn...
Clario Vpn
2 Articles
7.3
CVSSv3
CVE-2023-36673
An issue exists in Avira Phantom VPN up to and including 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by ...
Avira Phantom Vpn
2 Articles
7.8
CVSSv3
CVE-2023-20178
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local malicious user to elevate privileges to those of SYSTEM. The client update ...
Cisco Secure Client
Cisco Anyconnect Secure Mobility Client
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »