Cisco warns customers to patch AnyConnect flaws

Share post:

Cisco has warned of two vulnerabilities, identified as CVE-2020-3433 and CVE-2020-3153, that could allow local attackers to conduct DLL hijacking attacks and copy files to system directories with system-level privileges.

Cisco’s most recent warning came two years after the vulnerabilities were fixed in 2020, so Cisco is urging administrators to update the vulnerable software and block ongoing attacks.

“In October 2022, the CISCO PSIRT became aware of additional attempted exploitation of this vulnerability in the world. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability,” the company warned.

Vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows are limited in scope although they are being exploited in the wild.

The AnyConnect Secure Mobility Client simplifies secure enterprise endpoint access enables employees to work from anywhere while connected to a secure VPN via Secure Sockets Layer (SSE) and IPsec 1KEv2.

They are limited in scope, as both vulnerabilities require authentication that allows attackers to have valid login credentials on the system. However, the vulnerabilities can be chained with Windows privilege escalation bugs thanks to the public availability of PoC exploits.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Cyber Security Today, May 22, 2024 – LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more

LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more. Welcome to Cyber Security...

Google criticizes Microsoft’s security practices in new report

Google has publicly criticized Microsoft for a series of security missteps, suggesting that organizations might consider more secure...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways