Security News > 2023 > June > PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)
2023-06-23 12:58

Proof-of-concept exploit code for the high-severity vulnerability in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows has been published.

Cisco Secure Client Software - previously known as Cisco AnyConnect Secure Mobility Client - is unified endpoint security software designed to assist businesses in expanding their network access capabilities and enabling remote employees to connect via both wired and wireless connections, including VPN. In early June, Cisco published a security advisory about CVE-2023-20178, a vulnerability in the client update process of both Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows.

"This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges," the Cisco advisory revealed.

The vulnerability has been reported by security researcher Filip Dragović.

Since there are no workarounds, users have been advised to update the software as soon as possible, to either AnyConnect Secure Mobility Client for Windows 4.10MR7 or Cisco Secure Client Software for Windows 5.0MR2. The flaw does not affect Cisco AnyConnect Secure Mobility Client and Cisco Secure Client for Linux and macOS, nor Cisco Secure Client-AnyConnect for Android and iOS. CVE-2023-20178 PoC. On Thursday, Cisco confirmed that a PoC exploit has been published by the same researcher.

The vulnerability is easy to weaponize, but attackers must first gain access to the target system by other means to be able to exploit it and elevate their privileges.


News URL

https://www.helpnetsecurity.com/2023/06/23/cve-2023-20178-poc/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-06-28 CVE-2023-20178 Incorrect Default Permissions vulnerability in Cisco Anyconnect Secure Mobility Client and Secure Client
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM.
local
low complexity
cisco CWE-276
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751