Multiple vulnerabilities in Cisco AnyConnect Secure Mobility Client
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2021-1519 CVE-2021-1429 CVE-2021-1428 |
| CWE-ID | CWE-20 CWE-378 CWE-427 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco AnyConnect Secure Mobility Client Client/Desktop applications / Other client software |
| Vendor |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU52928
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-1519
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to overwrite VPN profiles on the target device.
The vulnerability exists due to insufficient validation of user-supplied input in the interprocess communication (IPC) channel. A local user can send a specially crafted IPC message to the AnyConnect process and modify VPN profile files.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco AnyConnect Secure Mobility Client: before 4.10.00093
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Creation of Temporary File With Insecure Permissions
EUVDB-ID: #VU52917
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-1429
CWE-ID:
CWE-378 - Creation of Temporary File With Insecure Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform an executable hijacking attack.
The vulnerability exists due to a temporary file with insecure permissions is created during the uninstall process. A local user can overwrite the temporary file before it is accessed for execution and execute arbitrary code on the target device.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco AnyConnect Secure Mobility Client: before 4.10.00093
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Insecure DLL loading
EUVDB-ID: #VU52916
Risk: Low
CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-1428
CWE-ID:
CWE-427 - Uncontrolled Search Path Element
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to the application loads a DLL file from a user-writable directory. A local user can place a specially crafted .dll file and execute arbitrary code on victim's system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco AnyConnect Secure Mobility Client: before 4.10.00093
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
