Vulnerabilities > Cisco > Anyconnect Secure Mobility Client > 2.5.2010
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-34788 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. | 7.0 |
| 2021-05-06 | CVE-2021-1519 | Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. | 5.5 |
| 2017-06-08 | CVE-2017-6638 | Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. | 7.8 |
| 2016-08-25 | CVE-2016-6369 | Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464. | 7.8 |