Cisco AnyConnect urges admins to update now to avoid security threats

Cisco is urging customers of its AnyConnect service to apply a fix for a several years-old vulnerabilities after it spotted them being abused in the wild. 

The two vulnerabilities in question are tracked as CVE-2020-3433 and CVE-2020-3153. They are found in the Cisco AnyConnect Secure Mobility Client for Windows and allow local threat actors to run DLL hijacking attacks and use system-level privileges to copy files to system directories. Should they succeed, they could run arbitrary code on target endpoints with system privileges, it was added.

Exploiting the flaws isn’t that easy, though, as it requires the attackers to have system credentials. However, there are proof-of-concept exploits out there, showing how these vulnerabilities could be tied together with Windows privilege escalation flaws. 

The flaws were patched in 2020, but Cisco has now been forced to ring the bell again following evidence pointing to new abuse.

"In October 2022, the Cisco PSIRT became aware of additional attempted exploitation of this vulnerability in the wild," it said. "Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."

Further proof of exploitation in the wild comes from the US Cybersecurity and Infrastructure Security Agency (CISA). The organization has recently added these two Cisco flaws to its Known Exploited Vulnerabilities catalog - a catalog that lists flaws being used by threat actors. Being added also means all Federal Civilian Executive Branch Agencies (FCEB) are forced, by the November 2021 binding operational directive (BOD 22-01), to apply the patches or otherwise mitigate the problem immediately.

“These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise," CISA added. Federal agencies have until November 11 to get the job done. 

Cisco AnyConnect Secure Mobility Client is a tool offering secure enterprise network access from any endpoint

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/Ccpnhta
Share:

No comments:

Post a Comment

Categories

Rove Reviews Youtube Channel

  1. Subscribe to our youtube channel
  2. Like our videos and share them too.
  3. Our youtube channel name Rove reviews.

WITNUX

This website is made by Witnux LLC. This website provides you with all the news feeds related to technology from large tech media industries like GSM Arena, NDTV, Gadgets 360, Firstpost and many other such ates altogether at technical depicts so that you need not go to several sites to view their post provide you advantantage of time.

From the developer
Tanzeel Sarwar

OUR OTHER NETWORKS

OUR YOUTUBE CHANNEL

ROVE REVIEWS PLEASE SUBSCRIBE

OUR FACEBOOK PAGE

The Rove Reviews

Support

Trying our best to provide you the best DONATE or SUPPORTour site Contact me with details how are you gonna help us