Zero-day escape discovered in Cisco’s VPN client



[ad_1]

6. November 2020 – A security vulnerability in Cisco’s VPN client software could allow attackers to execute scripts. A patch is not yet available, but there is a workaround to fix the leak.

A vulnerability was discovered in Cisco’s Anyconnect VPN solution that allows an attacker to execute scripts under certain conditions. As the network giant announced in a security advisory, the leak is about a lack of authentication in the Interprocess Communication Channel (IPC) listener, the Anyconnect Secure Mobility Client software. This allows attackers to send specially crafted IPC messages to the listener to execute scripts. However, the prerequisite is that an active session exists and that the attacker has access to the system. Cisco also notes that for successful attacks the standard setting in the downloader bypass should be changed from true to false beforehand.

The vulnerability affects all versions of the Anyconnect Secure Mobility Client software for Windows, MacOS and Linux. Clients for iOS and Android are not affected. A patch is not currently available. Cisco recommends setting the aforementioned bypass downloader setting to true and promises to fix the leak with an upcoming update. (rd)

.

[ad_2]
Source link