Vulnerabilities > CVE-2023-20241 - Out-of-bounds Read vulnerability in Cisco Anyconnect Secure Mobility Client and Secure Client

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

cisco

CWE-125

NVD

Published: 2023-11-22

Updated: 2024-01-25

Summary

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Anyconnect Secure Mobility Client 4.9.00086 Cisco Anyconnect Secure Mobility Client 4.9.01095 Cisco Anyconnect Secure Mobility Client 4.9.02028 Cisco Anyconnect Secure Mobility Client 4.9.03047 Cisco Anyconnect Secure Mobility Client 4.9.03049 Cisco Anyconnect Secure Mobility Client 4.9.04043 Cisco Anyconnect Secure Mobility Client 4.9.04053 Cisco Anyconnect Secure Mobility Client 4.9.05042 Cisco Anyconnect Secure Mobility Client 4.9.06037 Cisco Secure Client 4.10.00093 Cisco Secure Client 4.10.01075 Cisco Secure Client 4.10.02086 Cisco Secure Client 4.10.03104 Cisco Secure Client 4.10.04065 Cisco Secure Client 4.10.04071 Cisco Secure Client 4.10.05085 Cisco Secure Client 4.10.05095 Cisco Secure Client 4.10.05111 Cisco Secure Client 4.10.06079 Cisco Secure Client 4.10.06090 Cisco Secure Client 4.10.07061 Cisco Secure Client 4.10.07062 Cisco Secure Client 4.10.07073 Cisco Secure Client 5.0.00238 Cisco Secure Client 5.0.00529 Cisco Secure Client 5.0.00556 Cisco Secure Client 5.0.01242 Cisco Secure Client 5.0.02075 Cisco Secure Client 5.0.03072 Cisco Secure Client 5.0.03076	30

Common Weakness Enumeration (CWE)

CWE-125 - Out-of-bounds Read

Common Attack Pattern Enumeration and Classification (CAPEC)

Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-accsc-dos-9SLzkZ8