Vulnerabilities > Cisco > Anyconnect Secure Mobility Client > 2.5.5125
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-34788 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. | 7.0 |
| 2021-05-06 | CVE-2021-1519 | Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. | 5.5 |
| 2020-09-23 | CVE-2019-16007 | Insufficient Verification of Data Authenticity vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. | 7.1 |
| 2017-06-08 | CVE-2017-6638 | Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. | 7.8 |