CVE-2023-20240: Medium Vulnerability in Cisco Secure Client Software

A medium-severity denial of service vulnerability has been identified in Cisco Secure Client Software. Authenticated local attackers could exploit this flaw to crash the VPN Agent service, affecting all users. Immediate action is required to address this issue.

MEDIUM · CVSS 5.5 · Published November 22, 2023

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host.

A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system. With a CVSS score of 5.5, this vulnerability is classified as medium severity, but organizations should still address it promptly.

Organizations should prioritize patching immediately. The vulnerabilities have been published as of November 22, 2023, and defenders are urged to take action to mitigate potential risks associated with them.

The affected products include various versions of Cisco Secure Client and AnyConnect Secure Mobility Client. As such, organizations utilizing these products should review their deployment and take the necessary steps to ensure they are not vulnerable.

The lack of known exploits in the wild does not diminish the importance of addressing this vulnerability, as the conditions for exploitation are feasible in local environments.

This vulnerability allows for significant availability impact, which can disrupt organizational operations, thus necessitating swift remediation efforts.

Monitoring for any unusual behavior related to the Cisco Secure Client Software should also be a part of the organization's security strategy.
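One way to do that monitoring on a Windows host, as an added example that is not code from this advisory or from Cisco: it pairs unexpected terminations of the VPN Agent service with the users logged on at that moment, since the precondition described above is a second user on the same system. The service display names, the exported record fields and the session list are assumptions, and all sample records are constructed.

```python
import re
from datetime import datetime

# Assumption: display names the VPN Agent service is registered under; adjust per fleet.
AGENT_NAMES = {"Cisco Secure Client - AnyConnect VPN Agent",
               "Cisco AnyConnect Secure Mobility Agent"}
CRASH_IDS = {7031, 7034}  # Service Control Manager: "terminated unexpectedly"
CRASH_RE = re.compile(r"^The (?P<svc>.+?) service terminated unexpectedly")

def ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S")

def agent_crashes(system_events):
    """Yield the time of every unexpected VPN Agent termination."""
    for ev in system_events:
        if ev["provider"] != "Service Control Manager" or ev["id"] not in CRASH_IDS:
            continue
        m = CRASH_RE.match(ev["message"])
        if m and m.group("svc") in AGENT_NAMES:
            yield ts(ev["time"])

def users_present(sessions, when):
    """Distinct users with a session open at `when` (end=None: still logged on)."""
    return sorted({s["user"] for s in sessions
                   if ts(s["start"]) <= when and (s["end"] is None or when <= ts(s["end"]))})

def triage(system_events, sessions):
    """Pair each agent crash with who was logged on; flag the multi-user case."""
    rows = []
    for when in agent_crashes(system_events):
        users = users_present(sessions, when)
        rows.append({"time": when.isoformat(sep=" "), "users": users,
                     "multi_user": len(users) >= 2})
    return rows

# Constructed sample records (hypothetical export format), not real logs.
SCM = "Service Control Manager"
SYSTEM_EVENTS = [
    {"time": "2024-01-15 09:14:02", "id": 7034, "provider": SCM, "message":
     "The Cisco Secure Client - AnyConnect VPN Agent service terminated unexpectedly. It has done this 1 time(s)."},
    {"time": "2024-01-15 09:31:40", "id": 7034, "provider": SCM, "message":
     "The Print Spooler service terminated unexpectedly. It has done this 1 time(s)."},
    {"time": "2024-01-15 18:05:10", "id": 7031, "provider": SCM, "message":
     "The Cisco AnyConnect Secure Mobility Agent service terminated unexpectedly. It has done this 1 time(s)."},
]
SESSIONS = [{"user": "alice", "start": "2024-01-15 08:00:00", "end": "2024-01-15 17:00:00"},
            {"user": "bob", "start": "2024-01-15 09:10:00", "end": "2024-01-15 09:30:00"},
            {"user": "carol", "start": "2024-01-15 18:00:00", "end": None}]
```

Calling `triage(SYSTEM_EVENTS, SESSIONS)` returns one row per agent crash; rows with `multi_user` set are the ones worth reviewing first on shared hosts.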

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
