banner
News center
Delve into our diverse selection of world-class products and services to find your perfect match.

Cisco has fixed a highly severe flaw in its business VPN

Oct 27, 2023

It seems Cisco beat cybercriminals to the punch this time

Cisco released a patch for a high-severity flaw that was plaguing its Cisco Secure Client. The flaw, tracked as CVE-2023-20178, allowed threat actors elevate account privileges and tamper with the system on the admin level. No interaction on the victim's side was necessary.

"This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the upgrade process," Cisco said in its security advisory published with the patch. "An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process."

Cisco Secure Client is a VPN/ZNTA solution that enables remote working opportunities for employees, and endpoint management and telemetry features for administrators.

To remove the threat, users are advised to bring AnyConnect Secure Mobility Client for Windows to version 4.10MR7 and Cisco Secure Client for Windows to version 5.0MR2.

Not all versions of the product are vulnerable, though. For macOS and Linux, the Cisco Secure Client and AnyConnect Secure Mobility Client are both fine, as too is the Secure Client-AnyConnect for Android and the Secure Client AnyConnect VPN for iOS.

> Cisco vulnerability could cause your firewalls to fail > More Cisco SMB router ranges have serious security flaws > Check out the best business VPNs right now

Elsewhere in the security advisory, Cisco also said that there is no evidence of the flaw being used in the wild. There are also no malware variants out there looking to leverage the flaw, the company claims.

The last time we heard of Cisco AnyConnect was in October last year, when the company urged its customers to apply a fix for a newly discovered flaw that had been sitting unnoticed for several years and was only discovered after being abused by criminals.

At the time, Cisco said it unearthed two flaws - CVE-2020-3433 and CVE-2020-3153, found in the Cisco AnyConnect Secure Mobility Client for Windows which would have allowed local threat actors to run DLL hijacking attacks and use system-level privileges to copy files to system directories. The result is arbitrary code execution on endpoints with system privileges.

Via: BleepingComputer

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he's written for numerous media outlets, including Al Jazeera Balkans. He's also held several modules on content writing for Represent Communications.

Brother MFC-J6955DW review

Google Cloud Enterprise Search is getting even better with AI models

HTC launches its Apple Vision Pro rival for businesses

By Elie GouldJune 08, 2023

By Rhys WoodJune 08, 2023

By Chiara CastroJune 08, 2023

By Craig HaleJune 08, 2023

By Amelia SchwankeJune 08, 2023

By Steve ClarkJune 08, 2023

By Petra PlayerJune 08, 2023

By Marc McLarenJune 08, 2023

By Cesar CadenasJune 07, 2023

By Allisa JamesJune 07, 2023

By Mike MooreJune 07, 2023

Cisco vulnerability could cause your firewalls to fail More Cisco SMB router ranges have serious security flaws Check out the best business VPNs right now