CVE-2012-2493
Cisco AnyConnect VPN Client Arbitrary Program Instantiation Remote Code Execution Vulnerability
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523.
La implementación de descargas en VPN en la funcionalidad WebLaunch de Cisco AnyConnect Secure Mobility Client v2.x antes v2.5 MR6 y v3.x antes de v3.0 MR8 en Mac OS X y Linux no valida los binarios que son recibidos por el proceso de descarga, lo que permite a tatacantes remotos ejecutar código de su elección a través de vectores relacionados con componente (1) ActiveX o (2) Java. Tambien conocido como Bug ID CSCtw47523.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco AnyConnect VPN Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists due to insufficient signature checks with the Cisco AnyConnect VPN Client. When the client is invoked through the ActiveX control it downloads and checks a file called vpndownloader.exe. This file has to be properly signed by Cisco. Once this file is downloaded it is run and downloads additional configuration files. Within the downloaded config file it is possible to force a download of executable files. Those files are not properly checked for valid certificates and are run on the host as soon as they are downloaded.
*Credits:
gwslabs.com
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-05-07 CVE Reserved
- 2012-06-20 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac | 2012-06-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.1 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.128 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.128" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.133 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.133" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.136 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.136" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.140 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.140" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.185 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.185" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.254 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.254" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.2016 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.2016" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4.0202 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4.0202" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4.1012 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4.1012" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.0" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.0" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.1 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.1 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.128 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.128" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.128 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.128" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.133 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.133" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.133 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.133" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.136 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.136" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.136 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.136" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.140 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.140" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.140 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.140" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.185 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.185" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.185 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.185" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.254 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.254" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.254 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.254" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.2016 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.2016" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.2016 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.2016" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4.0202 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4.0202" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4.0202 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4.0202" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4.1012 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4.1012" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4.1012 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4.1012" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|