Insecure DLL loading in Cisco AnyConnect Secure Mobility Client - CVE-2021-1237

 

Insecure DLL loading in Cisco AnyConnect Secure Mobility Client - CVE-2021-1237

Published: January 13, 2021 / Updated: January 14, 2021


Vulnerability identifier: #VU49533
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-1237
CWE-ID: CWE-427
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco AnyConnect Secure Mobility Client

Detailed vulnerability description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to insufficient validation of resources that are loaded by the application at run time in the Network Access Manager and Web Security Agent components. A local user can place a specially crafted .dll file and execute arbitrary code on victim's system.


How to mitigate CVE-2021-1237

Install updates from vendor's website.

Sources