Anyconnect Secure Mobility Client Security Vulnerabilities and Issues — Anyconnect Secure Mobility Client CVE List

Lucene search

CiscoAnyconnect Secure Mobility Client

7 matches found

CVE•added 2020/02/19 8:15 p.m.•1435 views

CVE-2020-3153

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. ...

6.5CVSS6.6AI score0.43482EPSS

CVE•added 2020/08/17 6:15 p.m.•773 views

CVE-2020-3433

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows syst...

7.8CVSS7.8AI score0.06347EPSS

CVE•added 2020/09/23 1:15 a.m.•242 views

CVE-2019-16007

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of impl...

7.1CVSS6AI score0.00172EPSS

CVE•added 2020/11/06 7:15 p.m.•203 views

CVE-2020-3556

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listene...

7.3CVSS7.1AI score0.00236EPSS

CVE•added 2020/08/17 6:15 p.m.•122 views

CVE-2020-3434

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have vali...

5.5CVSS5.4AI score0.00161EPSS

CVE•added 2020/11/06 7:15 p.m.•65 views

CVE-2020-27123

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the underlying operating system of an affected device. The vulnerability is due to an exposed IPC function. ...

5.5CVSS5.3AI score0.00061EPSS

CVE•added 2020/08/17 6:15 p.m.•62 views

CVE-2020-3435

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on th...

5.5CVSS5.2AI score0.0017EPSS