4 matches found
Exploit for Uncontrolled Search Path Element in Cisco Anyconnect_Secure_Mobility_Client
CVE-2021-1366 Cisco AnyConnect Posture HostScan Local Privil...
Cisco AnyConnect Posture (HostScan) Security Service CVE-2021-1366 Bypass
1. Advisory Information Title: Cisco AnyConnect Posture HostScan Security Service CVE-2021-1366 Bypass Advisory ID: CORE-2021-0002 Advisory URL: https://www.coresecurity.com/core-labs/advisories/cisco-anyconnect-posture-hostscan-security-service-bypass Date published: 2021-06-16 Date of last...
Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability (cisco-sa-anyconnect-dll-hijac-JrcTOQMC)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cisco-sa-anyconnect-dll-hijac-JrcTOQMC advisory. - A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure...
CVE-2021-1366
Cisco AnyConnect Secure Mobility Client for Windows with the Posture (HostScan) Module is affected by CVE-2021-1366. The vulnerability stems from insecure IPC handling in the Cisco Security Service (ciscod.exe) that allows local, authenticated attackers to perform DLL hijacking via crafted IPC me...