CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2023-20241
https://notcve.org/view.php?id=CVE-2023-20241
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system. Múltiples vulnerabilidades en Cisco Secure Client Software, anteriormente AnyConnect Secure Mobility Client, podrían permitir que un atacante local autenticado cause una condición de denegación de servicio (DoS) en un sistema afectado. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2023-20240
https://notcve.org/view.php?id=CVE-2023-20240
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-20178
https://notcve.org/view.php?id=CVE-2023-20178
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges. • https://github.com/Wh04m1001/CVE-2023-20178 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw • CWE-276: Incorrect Default Permissions •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2010-5203
https://notcve.org/view.php?id=CVE-2010-5203
Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002.dll, (2) conman.dll, (3) kmpapi32.dll, or (4) ncpmon2.dll file in the current working directory, as demonstrated by a directory that contains a .pcf or .spd file. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de ruta de búsqueda no confiable en NCP Secure Enterprise Client anterior a 9.21 Build 68, Entry Client anterior a 9.23 Build 18, y Secure Client - Juniper Edition anterior a 9.23 Build 18 permite a usuarios locales obtener privilegios a través de un caballo de troya (1) dvccsabase002.dll, (2) conman.dll, (3) kmpapi32.dll, o (4) Archivo ncpmon2.dll en el directorio de trabajo actual, como lo demuestra un directorio que contiene un pcf. o. spd. NOTA: algunos de estos detalles han sido obtenidos a partir de información de terceros. • http://secunia.com/advisories/41388 http://www.ncp-e.com/fileadmin/pdf/service_support/NCP_Client_Vulnerability_Statement_EN.pdf •
CVSS: 1.2EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3551
https://notcve.org/view.php?id=CVE-2006-3551
NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when the Link Firewall and Personal Firewall are both configured to block all inbound and outbound network traffic, allows context-dependent attackers to send inbound UDP traffic with source port 67 and destination port 68, and outbound UDP traffic with source port 68 and destination port 67. NCP Secure Enterprise Client (también conocido como VPN/PKI client) 8.30 Build 59, y posiblemente anteriores versiones, cuando cuando el cortafuegos de enlace y el personal (Link FireWall y Personal FireWall) son ambos configurados para bloquear todo el tráfico de red de entrada y salida, permite a atacantes dependientes del contexto enviar tráfico UDP de entrada con un puerto fuente 67 y un puerto de destino 68, y tráfico de salida UDP con un puerto fuente 68 y puerto de destino 67. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047547.html https://exchange.xforce.ibmcloud.com/vulnerabilities/27484 •