4 matches found
CVE-2023-20178
CVE-2023-20178 affects Cisco AnyConnect Secure Mobility Client for Windows and Cisco Secure Client for Windows. The issue arises in the client update process after a VPN connection, where improper permissions on a temporary directory created during the update could allow a low-privileged, authent...
CVE-2025-20206
Cisco Secure Client for Windows is affected by an IPC channel vulnerability that could allow a local attacker with valid credentials to perform a DLL hijack and execute arbitrary code with SYSTEM privileges when the Secure Firewall Posture Engine (formerly HostScan) is installed. Root cause is in...
CVE-2024-20338
Cisco Secure Client for Linux contains a privilege-escalation flaw in the ISE Posture (System Scan) module caused by an uncontrolled search path element. An authenticated, local attacker could place a malicious library in a targeted filesystem location and, after prompting an admin to restart a p...
CVE-2024-20391
CVE-2024-20391 concerns the Cisco Secure Client’s Network Access Manager (NAM) module. The issue arises from a lack of authentication on a specific function, allowing an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM and execute arbitrary code ...