Vigil@nce - Cisco AnyConnect Secure Mobility Client for Windows: executing DLL code via VPN Posture Module
April 2021 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/computer-vulnerability
SYNTHESIS OF THE VULNERABILITY
Impacted products: Cisco AnyConnect Secure Mobility Client.
Severity: 2/4.
Consequences: user access/rights.
Provenance: intranet server.
Confidence: confirmed by the editor (5/5).
Creation date: 17/02/2021.
DESCRIPTION OF THE VULNERABILITY
An attacker can create a malicious VPN Posture Module DLL, and
then put it in the current directory of Cisco AnyConnect Secure
Mobility Client for Windows, in order to execute code.
ACCESS TO THE FULL VIGIL@NCE BULLETIN