Vigil@nce - Cisco AnyConnect Secure Mobility Client: executing DLL code via Network Access Manager and Web Security Agent
March 2021 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer/Computer-vulnerabilities-watch-and-alert
SYNTHESIS OF THE VULNERABILITY
Impacted products: Cisco AnyConnect Secure Mobility Client.
Severity: 2/4.
Consequences: user access/rights.
Provenance: intranet server.
Confidence: confirmed by the editor (5/5).
Creation date: 13/01/2021.
DESCRIPTION OF THE VULNERABILITY
An attacker can create a malicious Network Access Manager and Web
Security Agent DLL, and then put it in the current directory of
Cisco AnyConnect Secure Mobility Client, in order to execute code.
ACCESS TO THE FULL VIGIL@NCE BULLETIN