9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.025 Low
EPSS
Percentile
90.1%
The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities:
Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability
Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability
Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop Hostscan Downloader Software Downgrade Vulnerability
Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader Arbitrary Code Execution Vulnerability
Cisco Secure Desktop Arbitrary Code Execution Vulnerability
Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: