10.26.2022

Cisco AnyConnect For Windows Active Exploit

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 10/26/2022

Action Level - High

Description

Cisco is reporting that two security vulnerabilities in the AnyConnect Secure Mobility Platform have been actively exploited in the wild. These vulnerabilities could allow an attacker to execute arbitrary code on vulnerable devices. As a result of the active exploitation, Cisco is recommending that customers update affected devices as soon as possible. 

Affected Versions

  • Cisco AnyConnect Secure Mobility Client for Windows : versions prior to 4.9.00086

Attack Vector

Any attacker with network access can exploit this vulnerability. This could be an external bad actor interacting with public facing devices or an internal bad actor interacting with any device they have network access to. Though the exploits require authentication, they could be chained with other vulnerabilities to gain access and proof of concept exploits exist with this functionality.

Attack Feasibility

An exploit is available and in current use by attackers.

Remediation

Update to a current, fixed version of AnyConnect.

Vendor Resources

Cisco Security Advisory 12

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC