Critical Vulnerabilities in Cisco AnyConnect Secure Mobility Client for Windows
26 October 2022
Cisco has released security updates to address two vulnerabilities (CVE-2020-3433 and CVE-2020-3153) in its Cisco AnyConnect Secure Mobility Client product for Windows that could allow local attackers to perform DLL hijacking attacks and copy files to system directories with system-level privileges. The vulnerabilities are reportedly being actively exploited.
Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code on targeted Windows devices with SYSTEM privileges.
Administrators and users of affected Cisco AnyConnect Secure Mobility Client products for Windows are advised to upgrade AnyConnect Secure Mobility Client to release 4.10.06079 immediately.
More information is available here:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj
https://software.cisco.com/download/home/286281283/type/282364313/release/4.10.06079?catid=268438162
https://www.bleepingcomputer.com/news/security/cisco-warns-admins-to-patch-anyconnect-flaw-exploited-in-attacks/