The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x prior to 2.5 MR6 on Windows, and 2.x prior to 2.5 MR6 and 3.x prior to 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote malicious users to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco anyconnect_secure_mobility_client 2.2.136 |
||
cisco anyconnect_secure_mobility_client 2.3 |
||
cisco anyconnect_secure_mobility_client 2.4.0202 |
||
cisco anyconnect_secure_mobility_client 2.5 |
||
cisco anyconnect_secure_mobility_client 2.3.185 |
||
cisco anyconnect_secure_mobility_client 2.3.2016 |
||
cisco anyconnect_secure_mobility_client 2.3.254 |
||
cisco anyconnect_secure_mobility_client 2.4 |
||
cisco anyconnect_secure_mobility_client 2.0 |
||
cisco anyconnect_secure_mobility_client 2.1 |
||
cisco anyconnect_secure_mobility_client 2.2 |
||
cisco anyconnect_secure_mobility_client 2.2.128 |
||
cisco anyconnect_secure_mobility_client 2.2.133 |
||
cisco anyconnect_secure_mobility_client 2.2.140 |
||
cisco anyconnect_secure_mobility_client 2.4.1012 |
||
cisco anyconnect_secure_mobility_client 3.0 |