Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability – cisco-sa-anyconnect-ipc-KfQO9QhK

This bug is not as clearly documented as you would typically see. The Cisco advisory for cisco-sa-anyconnect-ipc-KfQO9QhK / CVE-2020-3556 only partially describes the local workaround and gives no reference to a software fix.

“Cisco has not released software updates that address this vulnerability. There are workarounds that address this vulnerability.” Please see the advisory URL for the local workaround if you are affected.

In a nutshell, the advisory describes the vulnerability as follows: “… interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script.”

They do mention a related bug, CSCvw48062 (“Restrict optional file web-deploy of custom scripts, help files, UI, & localization via Local Policy”), which references a code upgrade for AnyConnect to 4.9(4053).

You can navigate to it and download it from the Cisco software website, or if you are lazy, use this link.

You’ll need to apply both the local workaround and the software update to mitigate this vulnerability.

Thanks and good luck.

