Critical Vulnerabilities in Cisco AnyConnect Secure Mobility Client for Windows

Published on 26 Oct 2022

Updated on 26 Oct 2022

Cisco has released security updates for its AnyConnect Secure Mobility Client for Windows to address two vulnerabilities (CVE-2020-3433 and CVE-2020-3153) that could allow local attackers to perform DLL hijacking attacks and to copy files to system directories with system-level privileges. The vulnerabilities are reportedly being actively exploited.

Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code on targeted Windows devices with SYSTEM privileges.

Administrators and users of affected Cisco AnyConnect Secure Mobility Client products for Windows are advised to upgrade AnyConnect Secure Mobility Client to release 4.10.06079 immediately.
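To help administrators confirm which Windows hosts still need the upgrade, the following PowerShell script compares the installed AnyConnect version with the fixed release named above. It is an added example, not code from the Cisco advisory or from Cisco; it assumes the client registers a standard entry under the Windows Uninstall registry keys whose DisplayName begins with "Cisco AnyConnect Secure Mobility Client" and whose DisplayVersion is a parseable version string (both assumptions, not facts stated on this page).

```powershell
# Added example (not from the Cisco advisory): report whether the installed
# AnyConnect client is below the fixed release 4.10.06079 named on this page.
# Assumption: the product has a standard Uninstall entry whose DisplayName
# starts with "Cisco AnyConnect Secure Mobility Client".
$FixedVersion = [version]'4.10.06079'

# Both the native and the 32-bit (WOW6432Node) Uninstall hives are checked.
$UninstallPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$Entries = Get-ItemProperty -Path $UninstallPaths -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like 'Cisco AnyConnect Secure Mobility Client*' }

if (-not $Entries) {
    Write-Output 'AnyConnect Secure Mobility Client not found in the Uninstall registry keys.'
    return
}

foreach ($Entry in $Entries) {
    try {
        # [version] normalises leading zeros, so '4.10.06079' compares as 4.10.6079.
        $Installed = [version]$Entry.DisplayVersion
    } catch {
        Write-Output "Could not parse version '$($Entry.DisplayVersion)' for '$($Entry.DisplayName)'"
        continue
    }

    if ($Installed -lt $FixedVersion) {
        Write-Output "NEEDS UPGRADE: $($Entry.DisplayName) $Installed is below fixed release $FixedVersion"
    } else {
        Write-Output "OK: $($Entry.DisplayName) $Installed is at or above $FixedVersion"
    }
}
```

Run the script in an elevated PowerShell session on each host, or wrap it in Invoke-Command for remote collection; any line starting with "NEEDS UPGRADE" identifies a host that should be moved to release 4.10.06079.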

More information is available here:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj

https://software.cisco.com/download/home/286281283/type/282364313/release/4.10.06079?catid=268438162

https://www.bleepingcomputer.com/news/security/cisco-warns-admins-to-patch-anyconnect-flaw-exploited-in-attacks/