113 matches found
EUVD-2015-0768
Malware in sbrugna...
EUVD-2015-0676
Malware in sbrugna...
CVE-2023-20178
CVE-2023-20178 affects Cisco AnyConnect Secure Mobility Client for Windows and Cisco Secure Client for Windows. The issue arises in the client update process after a VPN connection, where improper permissions on a temporary directory created during the update could allow a low-privileged, authent...
Vulnerability fixed in Cisco Anyconnect Secure Mobility Client and Secure Client
Cisco has fixed a vulnerability in Anyconnect Secure Mobility Client and Secure Client for windows. A local, authenticated malicious party could exploit the vulnerability to grant themselves elevated privileges and execute arbitrary code execute code with privileges from SYSTEM. Cisco has release...
Cisco AnyConnect Secure Mobility Client Installed (Linux)
Binary data ciscoanyconnectclientnixinstalled.nbin...
Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability (cisco-sa-anyconnect-dos-hMhyDfb8)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cisco-sa-anyconnect-dos-hMhyDfb8 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...
Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability (cisco-sa-anyconnect-pos-dll-ff8j6dFv)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cisco-sa-anyconnect-pos-dll-ff8j6dFv advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...
Cisco AnyConnect Secure Mobility Client Input Validation Error Vulnerability
Cisco AnyConnect Secure Mobility Client for Windows is a Windows-based secure mobility client from Cisco that provides secure access to networks and applications from any device. An input validation error vulnerability exists in the interprocess communication IPC channel of Cisco AnyConnect Secur...
Information disclosure
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execut...
Information disclosure
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execut...
CVE-2021-1496
Cisco AnyConnect Secure Mobility Client for Windows is affected by DLL and executable hijacking vulnerabilities in the install, uninstall, and upgrade processes (CVE-2021-1496). An authenticated, local attacker with valid Windows credentials could hijack DLL or executables used by the client to e...
CVE-2021-1430
CVE-2021-1430 pertains to Cisco AnyConnect Secure Mobility Client for Windows. The documented issue is DLL and executable hijacking during install, uninstall, and upgrade processes, allowing an authenticated local attacker to hijack files used by the application and potentially execute arbitrary ...
Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution (cisco-sa-anyconnect-ipc-KfQO9QhK)
According to its self-reported version, Cisco AnyConnect Secure Mobility Client is affected by a arbitrary code execution vulnerability. The vulnerability is due to a lack of authentication to the IPC listener. An authenticated, local attacker could exploit this vulnerability by sending crafted I...
Vulnerability fixed in Cisco AnyConnect Secure Mobility Client
A vulnerability in the IPC channel of Cisco AnyConnect Secure Mobility Client, an authenticated, local attacker can cause a Denial-of-Service DoS exploit on an affected device. To exploit this security vulnerability, the attacker must have have valid login credentials on the device. Cisco has...
CVE-2021-1450
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials ...
CVE-2021-1450
The CVE-2021-1450 issue affects Cisco AnyConnect Secure Mobility Client. A vulnerability in the IPC channel allows an authenticated, local attacker to cause a DoS on an affected device by sending crafted IPC messages to the AnyConnect process. The root cause is insufficient validation of user-sup...
Cisco AnyConnect Secure Mobility Client Denial of Service Vulnerability
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials ...
Cisco AnyConnect Secure Mobility Client for Windows Code Issue Vulnerability (CNVD-2021-05520)
Cisco AnyConnect Secure Mobility Client for Windows is a Windows-based secure mobility client from Cisco that provides secure access to networks and applications from any device. A security vulnerability exists in the Cisco AnyConnect Secure Mobility Client for Windows that stems from insufficien...
Cisco AnyConnect Secure Mobility Client Arbitrary File Read Vulnerability (cisco-sa-anyconnect-fileread-PbHbgHMj)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cisco-sa-anyconnect-fileread-PbHbgHMj advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...
High-Severity Cisco Flaw Found in CMX Software For Retailers
A high-severity flaw in Cisco’s smart Wi-Fi solution for retailers could allow a remote attacker to alter the password of any account user on affected systems. The vulnerability is part of a number of patches issued by Cisco addressing 67 high-severity CVEs on Wednesday. This included flaws found...