Lucene search
K

4 matches found

CVE
CVE
added 2023/06/28 12:0 a.m.2693 views

CVE-2023-20178

CVE-2023-20178 affects Cisco AnyConnect Secure Mobility Client for Windows and Cisco Secure Client for Windows. The issue arises in the client update process after a VPN connection, where improper permissions on a temporary directory created during the update could allow a low-privileged, authent...

7.8CVSS7.6AI score0.05374EPSS
CVE
CVE
added 2025/03/05 4:14 p.m.273 views

CVE-2025-20206

Cisco Secure Client for Windows is affected by an IPC channel vulnerability that could allow a local attacker with valid credentials to perform a DLL hijack and execute arbitrary code with SYSTEM privileges when the Secure Firewall Posture Engine (formerly HostScan) is installed. Root cause is in...

7.8CVSS7.7AI score0.00172EPSS
CVE
CVE
added 2024/03/06 4:29 p.m.160 views

CVE-2024-20338

Cisco Secure Client for Linux contains a privilege-escalation flaw in the ISE Posture (System Scan) module caused by an uncontrolled search path element. An authenticated, local attacker could place a malicious library in a targeted filesystem location and, after prompting an admin to restart a p...

7.3CVSS7.6AI score0.00888EPSS
CVE
CVE
added 2024/05/15 5:24 p.m.102 views

CVE-2024-20391

CVE-2024-20391 concerns the Cisco Secure Client’s Network Access Manager (NAM) module. The issue arises from a lack of authentication on a specific function, allowing an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM and execute arbitrary code ...

6.8CVSS7.7AI score0.00347EPSS