Security News > 2020 > November > Cisco Working on Patch for Code Execution Vulnerability in VPN Product

Cisco Working on Patch for Code Execution Vulnerability in VPN Product
2020-11-05 09:29

Cisco informed customers on Wednesday that it's working on a patch for a code execution vulnerability affecting its AnyConnect product.

According to the networking giant, the product is affected by a flaw, tracked as CVE-2020-3556, that can be exploited by a local, authenticated attacker to cause an AnyConnect user to execute a malicious script.

"An attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. A successful exploit could allow an attacker to cause the targeted AnyConnect user to execute a script. This script would execute with the privileges of the targeted AnyConnect user," Cisco said in its advisory.

The IOS XR flaw can allow a remote, unauthenticated attacker to execute unsigned code during the Preboot eXecution Environment boot process on an impacted device.

Cisco has warned Webex customers that an attacker can execute arbitrary code on their systems by tricking them into opening malicious ARF or WRF files with Webex Network Recording Player for Windows or Cisco Webex Player for Windows.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/e4eqY6ntpNU/cisco-working-patch-code-execution-vulnerability-vpn-product

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-11-06 CVE-2020-3556 Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client 4.9(3052)/98.145(86)
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script.
local
low complexity
cisco
7.3

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751