An圜onnect Secure Mobility Client for MacOS.An圜onnect Secure Mobility Client for Windows.
#CISCO ANYCONNECT SECURE MOBILITY CLIENT DOWNLOAD SOFTTONIC SOFTWARE#
This vulnerability affects all releases of Cisco An圜onnect Secure Mobility Client Software earlier than Release 3 for the following platforms if they have a vulnerable configuration: This advisory is available at the following link: There are workarounds that address this vulnerability.
To be able to log in to that system while the targeted user either has an active An圜onnect session established or establishes a new An圜onnect session.
Valid user credentials on the system on which the An圜onnect client is being run by the targeted user.Note: To successfully exploit this vulnerability, an attacker would need all of the following: This script would execute with the privileges of the targeted An圜onnect user. A successful exploit could allow an attacker to cause the targeted An圜onnect user to execute a script. An attacker could exploit this vulnerability by sending crafted IPC messages to the An圜onnect client IPC listener. The vulnerability is due to a lack of authentication to the IPC listener. A vulnerability in the interprocess communication (IPC) channel of Cisco An圜onnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted An圜onnect user to execute a malicious script.