A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HCisco Anyconnect Secure Mobility Client
APPCisco< 4.10.07061Cisco Secure Client
APPCisco< 5.0.02075
Related vulnerabilities
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for...
A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow...
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based securit...
A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remo...
A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authen...