Cisco AnyConnect Secure Mobility Client VPN Downloader RCE (cisco-sa-20120620-ac)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote host has software installed that is affected by an
arbitrary code execution vulnerability.

Description :

The remote host has a version of Cisco AnyConnect earlier than 2.5 MR6
installed. Such versions are potentially affected by an arbitrary code
execution vulnerability. The WebLaunch VPN downloader implementation does
not properly validate the binaries it receives, which can allow remote
attackers to execute arbitrary code via ActiveX or Java components.

See also :

http://www.nessus.org/u?b0b6c065
http://www.zerodayinitiative.com/advisories/ZDI-12-156/
http://seclists.org/fulldisclosure/2012/Aug/278

Solution :

Upgrade to Cisco AnyConnect Secure Mobility Client 2.5 MR6 or greater.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 59820

Bugtraq ID: 54107

CVE ID: CVE-2012-2493
