HIGH🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2020-3433

CVSS 7.8v3.1pub. 2020-08-17upd. 2025-10-28

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Cisco Anyconnect Secure Mobility Client

    APP
    Cisco
    < 4.9.00086

CISA KEV — detailsi

Vendori
Cisco
Producti
AnyConnect Secure
Added to KEVi
October 24, 2022
Remediation deadline (US Federal)i
November 14, 2022(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 14 listopada 2022
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-20178HIGH7.8ten sam produkt

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows a...

CVE-2021-34788HIGH7.0ten sam produkt

A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux a...

CVE-2021-1567HIGH7.0ten sam produkt

A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allo...

CVE-2021-1426HIGH7.0ten sam produkt

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility ...

CVE-2021-1428HIGH7.0ten sam produkt

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility ...