The vulnerability has been reported by security researcher Filip Dragović. A successful exploit could allow the attacker to execute code with SYSTEM privileges,” the Cisco advisory revealed. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. “This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. In early June, Cisco published a security advisory about CVE-2023-20178, a vulnerability in the client update process of both Cisco An圜onnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows. About the vulnerabilityĬisco Secure Client Software – previously known as Cisco An圜onnect Secure Mobility Client – is unified endpoint security software designed to assist businesses in expanding their network access capabilities and enabling remote employees to connect via both wired and wireless connections, including VPN. Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco An圜onnect Secure Mobility Client Software for Windows has been published.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |