CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 8CVE-2020-3153 – Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
https://notcve.org/view.php?id=CVE-2020-3153
A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. • https://github.com/goichot/CVE-2020-3153 https://github.com/shubham0d/CVE-2020-3153 https://github.com/raspberry-pie/CVE-2020-3153 http://packetstormsecurity.com/files/157340/Cisco-AnyConnect-Secure-Mobility-Client-4.8.01090-Privilege-Escalation.html http://packetstormsecurity.com/files/158219/Cisco-AnyConnect-Path-Traversal-Privilege-Escalation.html http://packetstormsecurity.com/files/159420/Cisco-AnyConnect-Privilege-Escalation.html http://seclists.org/fulldisclosure/2020/Apr/43 https://tools.cisco.com/secur • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-0373
https://notcve.org/view.php?id=CVE-2018-0373
A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious request to the application. A successful exploit could allow the attacker to cause a DoS condition on the affected system. Cisco Bug IDs: CSCvj47654. • http://www.securityfocus.com/bid/104548 http://www.securitytracker.com/id/1041176 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-anyconnect-dos • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12268
https://notcve.org/view.php?id=CVE-2017-12268
A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539. • http://www.securityfocus.com/bid/101157 http://www.securitytracker.com/id/1039507 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6788
https://notcve.org/view.php?id=CVE-2017-6788
The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software. The vulnerability is due to insufficient input validation of some parameters that are passed to the WebLaunch function of the affected software. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request. Cisco Bug IDs: CSCvf12055. Known Affected Releases: 98.89(40). • http://www.securityfocus.com/bid/100364 http://www.securitytracker.com/id/1039190 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-caw • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •