Lucene search
K

144 matches found

ATTACKERKB
ATTACKERKB
added 2023/11/22 5:15 p.m.8 views

CVE-2023-20240

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/11/22 5:15 p.m.4 views

CVE-2023-20240

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.8AI score0.00197EPSS
Exploits0References1
Prion
Prion
added 2023/11/22 5:15 p.m.19 views

Out-of-bounds

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

1.7CVSS6.9AI score0.00197EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2023/11/22 5:15 p.m.18 views

Out-of-bounds

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

1.7CVSS6.9AI score0.00197EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2023/11/22 5:10 p.m.3 views

CVE-2023-20241

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.5AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2023/11/22 5:10 p.m.69 views

CVE-2023-20241

Cisco Secure Client Software (formerly AnyConnect) is affected by multiple DoS vulnerabilities due to an out-of-bounds memory read. An authenticated, local attacker who has credentials on a multi-user system can exploit this by logging in while another user is active, sending crafted packets to a...

5.5CVSS5.4AI score0.00197EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/22 5:10 p.m.30 views

CVE-2023-20241

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.7AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/22 5:10 p.m.11 views

CVE-2023-20240

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS6.1AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/22 5:10 p.m.29 views

CVE-2023-20240

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.7AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2023/11/22 5:10 p.m.78 views

CVE-2023-20240

Cisco Secure Client Software (formerly AnyConnect Secure Mobility Client) contains CVE-2023-20240: multiple DoS vulnerabilities caused by an out-of-bounds memory read. An authenticated, local attacker on a multi-user system can log in alongside another user, craft packets to a local port, and cra...

5.5CVSS5.4AI score0.00197EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.5 views

Cisco Secure Client Security Vulnerability

Cisco Secure Client is a piece of software from Cisco that is used to connect to virtual private networks. A security vulnerability exists in Cisco Secure Client, which can be exploited by an attacker by logging on to an affected device at the same time as another user accesses Cisco Secure Clien...

5.5CVSS6.4AI score0.00197EPSS
Exploits0References2
Cisco
Cisco
added 2023/11/15 4:0 p.m.46 views

Cisco Secure Client Software Denial of Service Vulnerabilities

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/15 12:0 a.m.10 views

PT-2023-7117 · Cisco · Cisco Secure Client

Name of the Vulnerable Software and Affected Versions: Cisco Secure Client Software affected versions not specified Description: The issue is related to multiple vulnerabilities in Cisco Secure Client Software that could allow an authenticated, local attacker to cause a denial of service DoS...

5.5CVSS5.5AI score0.00197EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/08/23 12:0 a.m.9 views

The vulnerability of the Avira Phantom VPN client—a security solution for Cisco Secure Client endpoints (formerly known as Cisco AnyConnect Secure Mobility Client)—allows a perpetrator to gain access to internal network traffic from any IP address.

The vulnerability of the Avira Phantom VPN client, a security solution for Cisco Secure Client formerly Cisco AnyConnect Secure Mobility Client, relates to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain access to internal network...

7.8CVSS7.2AI score0.00622EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/06/28 3:15 p.m.21 views

Design/Logic Flaw

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed aft...

4.3CVSS7.6AI score0.05374EPSS
Exploits1References1Affected Software2
Cvelist
Cvelist
added 2023/06/28 12:0 a.m.24 views

CVE-2023-20178

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed aft...

7.8CVSS7.8AI score0.05374EPSS
Exploits1References1
CVE
CVE
added 2023/06/28 12:0 a.m.2693 views

CVE-2023-20178

CVE-2023-20178 affects Cisco AnyConnect Secure Mobility Client for Windows and Cisco Secure Client for Windows. The issue arises in the client update process after a VPN connection, where improper permissions on a temporary directory created during the update could allow a low-privileged, authent...

7.8CVSS7.6AI score0.05374EPSS
Exploits1References1Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/06/16 12:0 a.m.6 views

The vulnerability of the security mechanism for Cisco Secure Client (formerly Cisco AnyConnect Secure Mobility Client) endpoints for Windows operating systems arises from a flaw in access control related to the temporary directory created during updates. This vulnerability allows attackers to escalate their privileges.

The vulnerability of the Cisco Secure Client formerly Cisco AnyConnect Secure Mobility Client security solution for Windows operating systems is related to deficiencies in access control for the temporary directory created during updates. Exploiting this vulnerability can allow attackers to...

7.8CVSS7.2AI score0.05374EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.4 views

PT-2023-24794 · Pulse Secure · Pulse Secure Client

Name of the Vulnerable Software and Affected Versions: Pulse Secure Client affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Pulse Secure Client. An attacker must first obtain the ability to execute low-privileged co...

7.8CVSS8AI score0.0097EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2023/06/09 8:0 a.m.23 views

Update your Cisco System Secure Client now to fix this AnyConnect bug

Cisco Secure Client is the fresh recipient of a fix to address a high-severity vulnerability related to improper permissions. The flaw allows attackers to potentially escalate privileges to the SYSTEM account. From the vulnerability advisory: A vulnerability in the client update feature of Cisco...

7.1AI score
Exploits0
Rows per page
Query Builder