Cisco Bug: CSCvs46327 - Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
Aug 05, 2020
- Cisco AnyConnect Secure Mobility Client
Known Affected Releases
Symptom: A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL Pre-loading, DLL Hijacking and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. Cisco has released software updates that address the vulnerability described in this advisory. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj Conditions: At the time of publication, this vulnerability affected Cisco AnyConnect Secure Mobility Client for Windows releases before 4.8.02042. At the time of publication, anyconnect Cisco AnyConnect Secure Mobility Client for Windows releases 4.8.02042 and later contained the fix for this vulnerability.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases