"PoC Exploit Published for Cisco AnyConnect Secure Vulnerability"

A security researcher has recently published proof-of-concept (PoC) code targeting a recently patched high-severity vulnerability in the Cisco AnyConnect Secure Mobility Client and Secure Client for Windows.  Cisco AnyConnect Secure Mobility Client and Secure Client for Windows allow remote employees to connect to an organization’s network using a secure virtual private network (VPN) and provide monitoring capabilities.  The vulnerability is tracked as CVE-2023-20178 (CVSS score of 7.8) and is a security defect that impacts the client update process of the software, allowing a local attacker with low privileges to elevate their access and execute code with System privileges.  Cisco noted that this vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process.  An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process.  The security researcher who released the PoC is Filip Dragovic, who reported CVE-2023-20178 to Cisco.  Dragovic stated that he tested the PoC on Secure Client version 5.0.01242 and AnyConnect Secure Mobility Client version 4.10.06079.  Dragovic noted that only the Windows iterations of the software are impacted.  Cisco addressed CVE-2023-20178 in early June with the release of AnyConnect Secure Mobility Client version 4.10.07061 and Secure Client version 5.0.02075.

SecurityWeek reports: "PoC Exploit Published for Cisco AnyConnect Secure Vulnerability"