06.22.2023

Cisco AnyConnect/Secure Client Vulnerability Exploit

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 06/22/2023

Action Level - High

Description

A vulnerability affecting Cisco Secure Client Software (AKA AnyConnect Secure Mobility Client) for Windows is now under threat of active exploitation after proof-of-concept code was released this week. If exploited, this vulnerability could allow an attacker with low-level access to escalate privileges to the Windows SYSTEM account on an unpatched device. This exploit is relatively uncomplex and will likely be utilized by attackers in the near future, so immediate investigation and patching of impacted systems is recommended.

Fixed Versions

  • Cisco AnyConnect Secure Mobility for Windows : 4.10MR7 (4.10.07061)
  • Cisco Secure Client for Windows : 5.0MR2 (5.0.02075)

Attack Vector

An attacker with access to a vulnerable system and the ability to authenticate at any level.

Attack Feasibility 

Proof of concept code for this exploit has been released, and active exploitation is likely in the very near future.

Mitigation

There are no known mitigations for this vulnerability

Remediation

Update to a current supported version of AnyConnect Secure Mobility / Secure Client.

Vendor Resources

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC