This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
Synopsis :
The remote host is affected by a privilege escalation vulnerability.
Description :
The Cisco AnyConnect Secure Mobility Client installed on the remote
host is version 3.x prior to 3.1.11004.0 or 4.x prior to 4.1.6020.0.
It is, therefore, affected by an untrusted search path flaw in the
CMainThread::launchDownloader method due to a failure to check the
path to the downloader application and associated DLL files. An
authenticated, local attacker can exploit this by running the
downloader application from outside its expected location and
providing crafted DLLs, to execute arbitrary commands on the host with
privileges equivalent to the SYSTEM account.
Note that this vulnerability resulted from an incomplete fix for
See also :
Solution :
Upgrade to Cisco AnyConnect Secure Mobility Client version
3.1.11004.0 / 4.1.6020.0 or later.
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.5
Public Exploit Available : true