Cisco has recently fixed a high-severity vulnerability found in its Cisco Secure Client (previously known as AnyConnect Secure Mobility Client) software. This issue could have allowed attackers to escalate their privileges to the SYSTEM account used by the operating system.
Cisco Addresses High-Severity Bug
Low-privileged local attackers can exploit this security flaw (identified as CVE-2023-20178) in low-sophistication attacks that do not require user interaction.
According to Cisco, CVE-2023-20178 does not affect the following macOS, Linux, and mobile products:
- Cisco AnyConnect Secure Mobility Client for Linux
- Cisco AnyConnect Secure Mobility Client for MacOS
- Cisco Secure Client – AnyConnect for Android
- Cisco Secure Client AnyConnect VPN for iOS
- Cisco Secure Client for Linux
- Cisco Secure Client for MacOS
Two years ago, Cisco patched an AnyConnect zero-day vulnerability, CVE-2020-3556, which had public exploit code. This update was released in May 2021, six months after the company provided mitigation measures to reduce the attack surface when the vulnerability was disclosed in November 2020.
The vulnerabilities (CVE-2020-3433 and CVE-2020-3153) allowed threat actors to execute arbitrary code on targeted Windows devices with SYSTEM privileges when combined with other privilege escalation flaws.