Exploit released for Cisco AnyConnect bug giving SYSTEM privileges

Proof-of-concept exploit code is now available for a high-severity flaw in Cisco Secure Client Software for Windows that can let attackers elevate privileges to SYSTEM. Cisco Secure Client helps employees to work from anywhere using a secure Virtual Private Network and provides network admins with telemetry and endpoint management features.

Cisco released security updates to address this security bug last Tuesday when it said its Product Security Incident Response Team did not have evidence of malicious use or public exploit code targeting the bug in the wild.

CVE-2023-20178 was fixed with the release of AnyConnect Secure Mobility Client for Windows 4.10MR7 and Cisco Secure Client for Windows 5.0MR2. ​Earlier this week, proof-of-concept exploit code was published by security researcher Filip Dragović who found and reported the Arbitrary File Delete vulnerability to Cisco.

As Dragović explains, this PoC was tested against Cisco Secure Client and Cisco AnyConnect.

In October, Cisco warned customers to patch two more AnyConnect security flaws because of active exploitation in attacks.

Two years ago, Cisco patched an AnyConnect zero-day with public exploit code in May 2021, six months after its initial disclosure in November 2020,.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

Tell us About your Needs
Get an Answer the Same Business Day

Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.

What happens next:

A Vumetric expert will contact you to learn more about your cybersecurity needs and goals.

The project's scope will be defined (Target environment, deadlines, requirements, etc.)

A detailed quote including all-inclusive pricing and statement of work is sent to you.

This field is for validation purposes and should be left unchanged.


Everything You Need to Know

Gain confidence in your future cybersecurity assessments by learning to effectively plan, scope and execute projects.


Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.