Security Update — Cisco AnyConnect DLL Hijacking

Home/Security Update/Security Update — Cisco AnyConnect DLL Hijacking

Security Update — Cisco AnyConnect DLL Hijacking

Cisco released security updates for Cisco AnyConnect secure mobility client for windows arbitrary code execution vulnerability.

CVE-2021-1366Cisco AnyConnect

Cisco AnyConnect Secure Mobility Client empowers remote workers with frictionless, highly secure access to the enterprise network from any device, at any time, in any location while protecting the organization.

Now Cisco has released fix for a vulnerability due to insufficient validation of resources that are loaded by the application at run time.

An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process.

However, a successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges.

In addition, to exploit this vulnerability, the attacker needs valid credentials on the Windows system.


The vulnerability is considered as HIGH severity with following base metrics:

Vulnerability RatingCVSS 3.0
Base Score7.2
Base MetricsCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability RatingCVSS 2.0
Base Score6.8
Base MetricsCVSS:2.0/AV:L/AC:L/AU:S/C:C/I:C/A:C

Affected Products

Cisco AnyConnect Secure Mobility Client for Windows releases earlier than Release 4.9.05042 that have the VPN Posture (HostScan) Module installed.

Follow Us on: Twitter, InstagramFacebook to get latest security news!

Non-Vulnerable Products

Also, Cisco has confirmed that this vulnerability does not affect the following Cisco products AnyConnect Secure Mobility Client for:

  • Linux
  • Mac OS
  • Mobile device operating systems such as iOS, Android, and Universal Windows Platform
  • and, Windows with only the ISE Posture Module installed

Security Fix:

Cisco fixed this vulnerability in Cisco AnyConnect Secure Mobility Client for Windows releases 4.9.05042 and later.

In addition, Customers may only install and expect support for software versions and feature sets for which they have purchased a license.

Reference URL

By | 2021-02-22T22:01:59+05:30 February 22nd, 2021|Security Update|

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!