New PoC Exploit Published for Cisco AnyConnect Flaw Granting System Privileges
Many organizations worldwide enjoy outdated Cisco AnyConnect VPNs attributable to their security and other great aspects.
Cisco has many products for VPN relying upon the platforms with diverse versions of Gadget.
Cisco has launched a original security advisory that patches a high-severity privilege escalation vulnerability in Cisco AnyConnect Proper Mobility Consumer for Windows and Cisco Proper Consumer Gadget for Windows.
CVE-2023-20178: Cisco AnyConnect Proper
This vulnerability exists within the client update course of of the Cisco AnyConnect Mobility Consumer and Cisco Proper Consumer Gadget for Windows, by which a low-privileged, authenticated user can elevate the privilege to SYSTEM and potentially pause administrative instructions.
The Security researcher Filip Dragović who realized the Arbitrary File Delete vulnerability, launched the PoC exploit code.
All the device by the client update course of, the vpndownloader.exe course of creates a itemizing within the C:Windowstemp itemizing, which tests for files or directories internal it and deletes them.
This functionality is performed with SYSTEM privileges which is ready to be exploited by spawning a cmd course of and arbitrarily deleting files from the machine.
Affected Merchandise
The following products are affected attributable to this vulnerability,
- Cisco AnyConnect Proper Mobility Consumer for Linux
- Cisco AnyConnect Proper Mobility Consumer for MacOS
- Cisco Proper Consumer-AnyConnect for Android
- Cisco Proper Consumer AnyConnect VPN for iOS
- Cisco Proper Consumer for Linux
- Cisco Proper Consumer for MacOS
Mounted Versions
Merchandise | Mounted in Version |
Cisco AnyConnect Proper Mobility Consumer for Windows Gadget | 4.10MR7 (4.10.07061) |
Cisco Proper Consumer for Windows Gadget | 5.0MR2 (5.0.02075) |
Cisco AnyConnect and Cisco Proper Consumer users are instantaneous to upgrade to the most contemporary version to forestall attackers from Cisco AnyConnect Flaws.
Source credit : cybersecuritynews.com