Vulnerabilities > Cisco > Anyconnect Secure Mobility Client > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-20474 Integer Underflow (Wrap or Wraparound) vulnerability in Cisco Anyconnect Secure Mobility Client and Secure Client
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer underflow condition.
network
low complexity
cisco CWE-191
6.5
2023-11-22 CVE-2023-20240 Out-of-bounds Read vulnerability in Cisco Anyconnect Secure Mobility Client and Secure Client
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.
local
low complexity
cisco CWE-125
5.5
2023-11-22 CVE-2023-20241 Out-of-bounds Read vulnerability in Cisco Anyconnect Secure Mobility Client and Secure Client
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software.
local
low complexity
cisco CWE-125
5.5
2021-06-16 CVE-2021-1567 Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client.
local
high complexity
cisco CWE-427
6.7
2021-06-16 CVE-2021-1568 Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.
local
low complexity
cisco
5.5
2021-05-06 CVE-2021-1519 Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device.
local
low complexity
cisco
5.5
2021-02-24 CVE-2021-1450 Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client 4.9(5086)
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device.
local
low complexity
cisco
5.5
2021-01-13 CVE-2021-1258 Improper Privilege Management vulnerability in multiple products
A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device.
local
low complexity
cisco mcafee CWE-269
5.5
2020-11-06 CVE-2020-27123 Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the underlying operating system of an affected device.
local
low complexity
cisco
5.5
2020-08-17 CVE-2020-3435 Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device.
local
low complexity
cisco CWE-20
5.5