mickmick.net

Cisco AnyConnect Elevation of Privilege Vulnerability

Release Date: 8 Jun 2023

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

A vulnerability was identified in Cisco AnyConnect. A remote attacker could exploit this vulnerability to trigger elevation of privilege on the targeted system.

---

Impact

• Elevation of Privilege

---

System / Technologies affected

• Cisco AnyConnect Secure Mobility Client for Windows Software versions prior to 4.10MR7
• Cisco Secure Client for Windows Software versions prior to 5.0MR2

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw

---

Vulnerability Identifier

• CVE-2023-20178

---

Source

• Cisco

---

Related Link

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw