A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local malicious user to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the malicious user to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco anyconnect secure mobility client |
Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Make sure you're patched – and update VMware Cloud Foundation, too, by the way
Cisco says miscreants are exploiting two vulnerabilities in its AnyConnect Secure Mobility Client for Windows, which is supposed to ensure safe VPN access for remote workers. One of the pair of flaws, tracked as CVE-2020-3433, is a privilege-escalation issue: an authenticated, local user can exploit AnyConnect to execute code with SYSTEM-level privileges. A rogue insider or malware on a PC can use this to gain total control over the system. It affects Cisco AnyConnect Secure Mobility Client for ...